New Vishing Attacks Pretend to Be Internal IT to Scam Users from Financial Firms Out of Their Credentials

Aug 25, 2020 10:34:04 AM By Stu Sjouwerman

Dozens of banks, cryptocurrency exchanges, and web hosting firms have experienced vishing attacks aimed at eventually stealing cryptocurrency from high net-worth customers.

CyberheistNews Vol 10 #35 [Heads Up] Watch Out for OAuth Phishing Attacks and How You Can Stay Safe

Aug 25, 2020 9:39:49 AM By Stu Sjouwerman

[HEADS UP] There's No Beta for Cyberpunk 2077

Aug 25, 2020 8:26:54 AM By Stu Sjouwerman

Scammers are sending phishing emails purporting to offer beta access to the highly anticipated video game Cyberpunk 2077, Eurogamer reports. These scams have been occurring for at least a ...

Phishing Summit - Mitigation, Forensics and Eye-opening Phishing Research

Aug 25, 2020 7:00:00 AM By Stu Sjouwerman

Looks like things are getting crazier by the month, right? The recent Twitter attack shows that all organizations are susceptible to social engineering attacks. Unfortunately, very few ...

An Embarrassment of Riches: Malicious Actors Target AWS Accounts

Aug 24, 2020 8:26:26 AM By Eric Howes

Amazon is an obvious target for malicious actors looking to leverage the trust and authority enjoyed by a widely known online service or brand in malicious emails and social engineering ...

Conversations with a Phisher

Aug 24, 2020 8:20:51 AM By Stu Sjouwerman

Phishing campaigns display varying levels of sophistication depending on how much time and effort the attackers are willing to invest in a particular target, according to Steven Murdoch, ...

[Heads Up] DarkSide: Sophisticated New Customized Ransomware Strain Demands Millions Of Dollars

Aug 23, 2020 9:07:16 AM By Stu Sjouwerman

Breaking News: A new ransomware operation named DarkSide began attacking organizations earlier this month with customized attacks that have already earned them million-dollar payouts. But ...

Ukrainian Gang Responsible for Laundering More Than $42 Million Arrested as Part of Operation “Bulletproof Exchanger”

Aug 20, 2020 5:30:11 PM By Stu Sjouwerman

A group of cybercriminals responsible for helping ransomware gangs convert their cryptocurrency into cash were arrested in June, according to new details released this week.

New Vishing Scam Targets Diners at London’s Prestigious Ritz Hotel

Aug 20, 2020 5:23:47 PM By Stu Sjouwerman

Aimed at stealing credit card details from restaurant patrons, this new scam feels like it’s something we’re going to hear about a lot more.

The Seven Dimensions of Security Culture: Attitudes

Aug 20, 2020 5:15:35 PM By Javvad Malik

KnowBe4’s Security Culture Report is the result of data collected from 120,000 global employees in the following industries: Banking, Financial Services, Insurance, Consulting, Business ...

The Most Effective Attacks Are Often the Simplest

Aug 20, 2020 8:26:53 AM By Stu Sjouwerman

The recent Twitter hack shows that devastating security breaches don’t always involve sophisticated actors or methods, according to Rachel Tobac, CEO of SocialProof Security. On the ...

Watch Out for OAuth Phishing Attacks and How You Can Stay Safe

Aug 19, 2020 3:53:03 PM By Roger Grimes

A steadily growing phishing trend involves phishing emails which attempt to modify your OAuth permissions. Simply clicking on one Allow button or hitting ENTER by mistake can ...

Your Vishing Attack Surface Has Exploded And Voice Phishers Now Target Your Corporate VPN

Aug 19, 2020 10:34:50 AM By Stu Sjouwerman

Brian Krebs wrote: "The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access ...

KnowBe4 Launches New Research Arm With Its First Report on Security Culture

Aug 19, 2020 8:50:52 AM By Stu Sjouwerman

At KnowBe4, we’ve had some exciting news on the horizon for some time now that we’re thrilled to share with you – we’ve created a new research arm called KnowBe4 Research. When we ...

Social Media Doppelgangers Strike Again

Aug 19, 2020 8:27:24 AM By Stu Sjouwerman

Most people would be surprised by how easy it is to scam people online using duplicate versions of public accounts, according to Jake Moore, a security specialist at ESET. Moore describes ...

U.K. National Health Service Targeted with Over 40,000 Email Scams Aimed at Stealing Patient Data

Aug 18, 2020 4:49:59 PM By Stu Sjouwerman

The last few months have been very busy for cyber attackers targeting the NHS, as the number of phishing emails reported within the NHS shows a continual barrage of attacks.

Phishing Site Takes Brand Impersonation to a Whole New Level Pretending to be FINRA

Aug 18, 2020 4:47:31 PM By Stu Sjouwerman

Most scammers simply grab a company logo, or perhaps a logon page to make it appear like the website used as part of a scam is legitimate. But how about an entire website?

[HEADS UP] Carnival Corp. is the Next Victim of a Ransomware Attack

Aug 18, 2020 2:19:05 PM By Stu Sjouwerman

Carnival Corporation said it detected a ransomware attack that accessed and encrypted a portion of one brand’s information technology systems over this past weekend, according to Cruise ...

Credential Stuffing Attacks Shut Down Canada's Revenues Service

Aug 18, 2020 12:47:25 PM By Stu Sjouwerman

The Canada Revenue Agency is investigating two online hacking incidents affecting the personal information of thousands of Canadians, according to CBC News.

U.K. Firms Have Dismissed Employees for Breaching Cybersecurity Policy Since COVID-19 Pandemic

Aug 18, 2020 11:23:11 AM By Stu Sjouwerman

Almost two-fifths of business decision-makers have fired employees because of a cybersecurity policy breach since the pandemic began, a survey has found.

Security Awareness Training Blog

View Topics