[HEADS UP] Russian Intelligence Officers Charged With Hacking

Oct 20, 2020 10:21:51 AM By Stu Sjouwerman

In a recent article by the Wall Street Journal, U.S. prosecutors charged six Russian intelligence officers who are accused of engaging in the most destructive cyber attacks of recent ...

CyberheistNews Vol 10 #43 There's a Whole War Going On: The New HBO Film Tracing 10 Years of Cyber Attacks

Oct 20, 2020 9:37:33 AM By Stu Sjouwerman

The Geography of Business Email Compromise

Oct 20, 2020 8:35:05 AM By Stu Sjouwerman

Researchers at Agari have released a report on the global distribution of business email compromise (BEC) actors, and determined that 25% of these criminals are operating from within the ...

Threat Actors Take Advantage of Exchange Online and Outlook on the Web with New Levels of Sophistication

Oct 20, 2020 8:29:36 AM By Stu Sjouwerman

New insight from Accenture Security highlights specific ways attackers are changing their tactics to make Microsoft’s email platform a tool rather than an obstacle for phishing attacks.

Another Office 365 OAuth Attack Targets Coinbase Users to Gain Compromised Email Access

Oct 20, 2020 8:25:10 AM By Stu Sjouwerman

The latest attack attempts to trick Office 365 users that use Coinbase into giving access to their mailbox via a Consent app rather than trying to steal their credentials.

The Risk of Redirector Domains in Phishing Attacks

Oct 19, 2020 8:25:03 AM By Stu Sjouwerman

Researchers at GreatHorn warn that a large-scale phishing campaign is using open redirects to evade email security filters. Open redirects allow attackers to take a URL from a ...

Security Awareness Training Compliance and .GOV

Oct 17, 2020 9:55:32 AM By Stu Sjouwerman

A customer sent me the following observation which is something I have been trying to get across for the last 10 years: "I found this interesting – and potentially disconcerting. This ...

5 Cyber Security Awareness Month Tips for Cybersecurity Professionals

Oct 15, 2020 1:39:49 PM By Javvad Malik

It’s Cyber Security Awareness Month which is a great time of year for everyone to dispense security wisdom like Oprah giving away cars.

The Secret to This Email Phishing Campaign is Volume

Oct 15, 2020 8:24:12 AM By Stu Sjouwerman

FireEye says a newly characterized cybercriminal gang, FIN11, has been launching widespread email phishing campaigns for the past four years. The group isn’t particularly sophisticated, ...

Q3 2020 Top-Clicked Phishing Subjects: Coronavirus-Related Attacks Still Prevalent [INFOGRAPHIC]

Oct 15, 2020 8:00:00 AM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...

Two-Month Email Compromise and Impersonation Attack Results in a $15M Take

Oct 14, 2020 3:30:05 PM By Stu Sjouwerman

Read how one unnamed company fell victim to a scam that’s been repeated many times over the last few years, but never with such a massive payoff at the end.

Fake Social Media Verification Scams Are the Gateway to Something Much More Sinister

Oct 14, 2020 3:27:01 PM By Stu Sjouwerman

Using copyright violation threats or the lure of obtaining a blue checkmark to verify your account, the latest scams easily trick victims out of their social media credentials.

FINRA Yet Again Becomes the Impersonated Brand at the Center of Phishing Attacks on Brokerage Firms

Oct 14, 2020 3:24:23 PM By Stu Sjouwerman

A mix of domain, phishing emails, a dash of social engineering, and a survey are the recipe for a simple and yet effective campaign targeting the financial sector.

[HEADS UP] Ransomware Attacks Skyrocket During COVID-19

Oct 14, 2020 2:12:55 PM By Stu Sjouwerman

2020 has been no match for organizations worldwide, including the significant increase of ransomware attacks during the COVID-19 pandemic. As organizations continue to work in a remote ...

Trends in Malicious Attachments Used in Phishing Emails

Oct 14, 2020 8:26:32 AM By Stu Sjouwerman

People need to be familiar with the types of malicious attachments used in phishing emails, according to Lawrence Abrams at BleepingComputer. One of the most common methods of installing ...

[eSummit] Your Cybersecurity Awareness Month Action Plan

Oct 13, 2020 10:23:07 AM By Stu Sjouwerman

Cyber threat actors are getting more creative and more skilled at hacking the human. That's why we've created this cybersecurity eSummit to look at evolving attack techniques your end ...

CyberheistNews Vol 10 #42 New Office 365 Phishing Attack Checks Your Stolen Credentials in Real-Time

Oct 13, 2020 9:32:27 AM By Stu Sjouwerman

Sophisticated Mercenary Group Excels at Social Engineering

Oct 13, 2020 8:23:24 AM By Stu Sjouwerman

An extremely skilled group of hackers-for-hire dubbed “Bahamut” is using sophisticated social engineering tactics against a range of targets around the world, researchers at BlackBerry ...

Cybersecurity Awareness Month Weekly Tip: Password Security

Oct 13, 2020 7:00:00 AM By Stu Sjouwerman

Each week during Cybersecurity Awareness Month, we’re going to be sharing in-depth weekly cybersecurity tips from our evangelists to help your users make smarter security decisions and ...

Microsoft 365 vs. Office 365: What’s the difference?

Oct 12, 2020 1:06:05 PM By Stu Sjouwerman

There is a lot to be said for consistency in product names, but when you have dozens of products with multiple versions of each, similar names can get confusing fast. We’re looking at ...

Security Awareness Training Blog

View Topics