Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Threat Group DeathStalker Uses PowerShell-based Implant Powersing to Hack into Financial Services Firms

Sep 2, 2020 8:23:15 AM By Stu Sjouwerman
Apparently focused on more intelligence gathering than taking direct malicious action against the organizations they compromise, this attack is filled with ingenuity.
Continue Reading

August Fresh Content Updates from KnowBe4: Including New Disinformation Training Content for Your Users

Sep 2, 2020 8:16:50 AM By Stu Sjouwerman
Here are a few important feature and fresh content updates to share with you for the month of August.
Continue Reading

CEO Fraud Wire Transfer Losses Soar 48% in Q2 2020

Sep 1, 2020 10:39:48 AM By Stu Sjouwerman
Business email compromise attacks—aka CEO Fraud— have taken shape this year, and according to Agari wire transfer losses have significantly increased by 48% in Q2 2020. The average losses ...
Continue Reading

CyberheistNews Vol 10 #36 [FUN] What (Really) Happens When You Type in a URL in an Address Bar in a Browser?

Sep 1, 2020 9:44:18 AM By Stu Sjouwerman
CyberheistNews Vol 10 #36 [FUN] What (Really) Happens When You Type in a URL in an Address Bar in a Browser? I saw this post on Twitter with a fun and educational infographic that shows ...
Continue Reading

The Heart has Its Reasons, but Those Shouldn't Become an Enterprise Risk

Sep 1, 2020 8:26:15 AM By Stu Sjouwerman
The FBI has warned that victims of romance scams lost $475 million in 2019, BleepingComputer reports. In Idaho alone, nearly one hundred of these victims lost more than $1 million each. ...
Continue Reading

How to Defend Against Phishes Coming from Trusted Partners

Aug 31, 2020 9:54:51 AM By Roger Grimes
One of the most frequent concerns I hear from IT security practitioners and CISOs is the rise of phishing attacks coming from compromised trusted partners and contractors. The attackers ...
Continue Reading

Phishing with Slack-Files.com: Bad Guys Find Yet Another Free Host for Malicious Files

Aug 31, 2020 9:44:00 AM By Eric Howes
Slack, the ubiquitous communication and collaboration platform, has been getting more and more attention over the past few months as a potential phishing platform and target for malicious ...
Continue Reading

QBot is Back With New Phishing Tricks

Aug 31, 2020 8:22:24 AM By Stu Sjouwerman
Researchers at Check Point warn that the QBot banking Trojan now has the ability to hijack email threads on infected devices and send malicious emails to the victim’s contacts. The ...
Continue Reading

The U.K. is Under Massive Cyberattack and They Are Nowhere Near Prepared

Aug 28, 2020 4:26:35 PM By Stu Sjouwerman
New insights into the cybersecurity readiness of U.K. organizations shows cyberattacks are plentiful and costly, and there aren’t enough cybersecurity pros to help.
Continue Reading

Funding for startup U.K. Cybersecurity Firms has Increased by 940% Since Lockdown

Aug 28, 2020 4:22:11 PM By Stu Sjouwerman
Yes, 940%. The demand for cybersecurity has risen so much since COVID, that the U.K. is seeing a new cybersecurity business registered every week and massive job vacancies.
Continue Reading

Australian Financial Services Company is Sued for Repeatedly Being Hacked… and Doing Zero About It

Aug 27, 2020 2:12:10 PM By Stu Sjouwerman
The Australian Securities and Investments Commission (ASIC) is suing RI Advice Group for being hacked multiple times over a year’s time that includes 155 hours of undetected hacker ...
Continue Reading

One-Fifth of Organizations Have Experienced a Security Breach Due to Their Remote Workforce

Aug 27, 2020 2:07:40 PM By Stu Sjouwerman
Having a remote workforce has been keeping organizations running, but new data puts a spotlight on the realities of what preparations were taken and whether organizations are truly secure.
Continue Reading

New Lazarus Spearphishing Attack on Crypto Organizations Uses a LinkedIn Job Posting as its Front

Aug 27, 2020 2:03:45 PM By Stu Sjouwerman
What better way to gain complete control over a crypto organization’s network that to target their sysadmin with a Job Posting and then spear phish them?
Continue Reading

Tesla and the FBI just prevented a $1 million ransomware hack at the Nevada Gigafactory

Aug 27, 2020 10:01:34 AM By Stu Sjouwerman
Fred Lambert at Electrek just reported on a story we published Aug 26th, and he reveals who was targeted: "Tesla and the FBI worked together to prevent a group of ransomware hackers from ...
Continue Reading

The Bureau Explains How Tech Support Scams Work

Aug 27, 2020 8:51:03 AM By Stu Sjouwerman
Tech support scams function like organized businesses and consist of various criminals fulfilling different roles, according to court documents obtained by ZDNet. The documents contain ...
Continue Reading

Russian Charged With Trying to Recruit Employee to Plant Ransomware in US Company

Aug 26, 2020 4:03:17 PM By Stu Sjouwerman
Michael Kan at PC Mag reported: "According to the FBI, Egor Igorevich Kriuchkov promised to pay as much as $1 million to the employee to help his shadowy group steal data from a ...
Continue Reading

Recent Phishing Scam Sends Uncertain Employment and Bogus Layoff Notices

Aug 26, 2020 8:29:00 AM By Stu Sjouwerman
Scammers have been exploiting people’s fears by posing as HR employees and sending emails informing recipients that they’ve been laid off, according to Kaspersky’s spam and phishing ...
Continue Reading

What happens when you type in a URL in an address bar in a browser?

Aug 25, 2020 11:20:38 AM By Stu Sjouwerman
I saw this post on twitter with a fun and educational infographic that shows it's quite a complicated affair where lots of things can go wrong. Here is the infographic, and if you click ...
Continue Reading

Watch Out! Cybersecurity and Infrastructure Security Agency Warn of New VBA Attack Designed to Deploy KONNI Remote Administration Tool

Aug 25, 2020 10:42:10 AM By Stu Sjouwerman
A new alert from CISA outlines just how dangerous and intrusive the KONNI malware is in organizations that fall for phishing attacks using Word attachments with malicious VBA code.
Continue Reading

[Heads Up] Weaponized Disinformation Campaigns Skyrocket; KnowBe4 Releases New Spot & Stop DisInfo Training Module

Aug 25, 2020 10:40:29 AM By Stu Sjouwerman
Disinformation is a potent weapon in the current cold cyberwar arsenal. DisInfo attacks are skyrocketing and the number of countries using organized social media manipulation is going up ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews