Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Check Your Email Rules for Maliciousness

Email rules have been used maliciously for decades. Learn about email rules and what you need to do to defend your organization against their malicious misuse.

New Botnet Promising Free Shoes as Phishbait

Researchers at WhiteOps warn that a family of malicious Android apps is spreading a new ad-fraud botnet by promising free shoes and other products to users who install the apps. The ...

Organizations Aren’t Prepared to Recover from Cyberattacks on Active Directory

Cybercriminals are increasingly leveraging Active Directory to spread malware and even hold the organization for ransom. New data suggests you’re nowhere near ready for it.

Threat Group DeathStalker Uses PowerShell-based Implant Powersing to Hack into Financial Services Firms

Apparently focused on more intelligence gathering than taking direct malicious action against the organizations they compromise, this attack is filled with ingenuity.

August Fresh Content Updates from KnowBe4: Including New Disinformation Training Content for Your Users

Here are a few important feature and fresh content updates to share with you for the month of August.

CEO Fraud Wire Transfer Losses Soar 48% in Q2 2020

Business email compromise attacks—aka CEO Fraud—have taken shape this year, and according to Agari, wire transfer losses have significantly increased by 48% in Q2 2020. The average losses ...

CyberheistNews Vol 10 #36 [FUN] What (Really) Happens When You Type in a URL in an Address Bar in a Browser?

I saw this post on Twitter with a fun and educational infographic that shows ...

The Heart has Its Reasons, but Those Shouldn't Become an Enterprise Risk

The FBI has warned that victims of romance scams lost $475 million in 2019, BleepingComputer reports. In Idaho alone, nearly one hundred of these victims lost more than $1 million each. ...

How to Defend Against Phishes Coming from Trusted Partners

One of the most frequent concerns I hear from IT security practitioners and CISOs is the rise of phishing attacks coming from compromised trusted partners and contractors. The attackers ...

Phishing with Slack-Files.com: Bad Guys Find Yet Another Free Host for Malicious Files

Slack, the ubiquitous communication and collaboration platform, has been getting more and more attention over the past few months as a potential phishing platform and target for malicious ...

QBot is Back With New Phishing Tricks

Researchers at Check Point warn that the QBot banking Trojan now has the ability to hijack email threads on infected devices and send malicious emails to the victim’s contacts. The ...

The U.K. is Under Massive Cyberattack and They Are Nowhere Near Prepared

New insights into the cybersecurity readiness of U.K. organizations show cyberattacks are plentiful and costly, and there aren’t enough cybersecurity pros to help.

Funding for startup U.K. Cybersecurity Firms has Increased by 940% Since Lockdown

Yes, 940%. The demand for cybersecurity has risen so much since COVID that the U.K. is seeing a new cybersecurity business registered every week and massive job vacancies.

Australian Financial Services Company is Sued for Repeatedly Being Hacked… and Doing Zero About It

The Australian Securities and Investments Commission (ASIC) is suing RI Advice Group for being hacked multiple times over a year’s time that includes 155 hours of undetected hacker ...

One-Fifth of Organizations Have Experienced a Security Breach Due to Their Remote Workforce

Having a remote workforce has been keeping organizations running, but new data puts a spotlight on the realities of what preparations were taken and whether organizations are truly secure.

New Lazarus Spearphishing Attack on Crypto Organizations Uses a LinkedIn Job Posting as its Front

What better way to gain complete control over a crypto organization’s network than to target their sysadmin with a job posting and then spear phish them?

Tesla and the FBI just prevented a $1 million ransomware hack at the Nevada Gigafactory

Fred Lambert at Electrek just reported on a story we published Aug 26th, and he reveals who was targeted: "Tesla and the FBI worked together to prevent a group of ransomware hackers from ...

The Bureau Explains How Tech Support Scams Work

Tech support scams function like organized businesses and consist of various criminals fulfilling different roles, according to court documents obtained by ZDNet. The documents contain ...

Russian Charged With Trying to Recruit Employee to Plant Ransomware in US Company

Michael Kan at PC Mag reported: "According to the FBI, Egor Igorevich Kriuchkov promised to pay as much as $1 million to the employee to help his shadowy group steal data from a ...

Recent Phishing Scam Sends Uncertain Employment and Bogus Layoff Notices

Scammers have been exploiting people’s fears by posing as HR employees and sending emails informing recipients that they’ve been laid off, according to Kaspersky’s spam and phishing ...