New ‘WastedLocker’ Ransomware Released by Evil Corp

Jul 2, 2020 10:45:13 PM By Stu Sjouwerman

The group associated with the Zeus trojan, Locky and BitPaymer looks to have debuted a new ransomware and have already seen massive distribution of it in the wild.

Half of all Remote Employees Aren’t the Slightest Bit Prepared for Cyberattacks

Jul 2, 2020 10:36:53 PM By Stu Sjouwerman

New data from IBM suggests that employees, their devices, training, and organizational policies are all lacking when it comes making sure remote workers don’t become a victim of ...

Microsoft 365 Phishing Attacks Masterfully Use Brand Name Sites to Establish Legitimacy

Jul 2, 2020 10:13:11 PM By Stu Sjouwerman

New voicemail phishing scam uses legitimate branded domains from companies like Samsung and Adobe to facilitate redirects to compromised websites intent on stealing credentials.

Business Email Compromise Attacks Focused on Invoice Fraud Surge by 75%

Jul 2, 2020 9:59:40 PM By Stu Sjouwerman

As attacks on the C-Suite decline, new data shows that employees in finance department roles are critical to the success of shifts in attack campaign strategy.

June Content Update: Including New Roger Grimes Video Series on Data-Driven Defense

Jul 2, 2020 3:41:59 PM By Stu Sjouwerman

Here are a few important content updates to share with you for the month of June.

Looking for Binge-Worthy Viewing Options This Summer?

Jul 2, 2020 1:03:12 PM By Stu Sjouwerman

Looking for some binge-worthy watching this summer? We've got just what you're looking for! Check out this innovative new security awareness video series called ‘The Inside Man’.

Elections In Russia Mean 16 More Years Of Job Security For InfoSec Pros

Jul 2, 2020 8:44:56 AM By Stu Sjouwerman

Russian voters have overwhelmingly backed a ploy by President Vladimir Putin to rule until 2036 in a referendum.

A "Secure DNS" Scam: an Upgrade that's a Downgrade

Jul 1, 2020 8:27:47 AM By Stu Sjouwerman

A phishing campaign is targeting website owners with convincing, personalized emails that purport to come from WordPress, Naked Security reports. The emails claim that WordPress is ...

COVID-19 Related Phishing Scams Target Passport Details

Jun 30, 2020 10:58:28 AM By Stu Sjouwerman

The Coronavirus phishing scams have only gotten more aggressive and targeted now than ever before, InfoSecurity Magazine reports. Now researchers at Griffin Law are tracking self-employed ...

Australia Spending Nearly $1 Billion on Cyberdefense as China Tensions Rise

Jun 30, 2020 10:09:06 AM By Stu Sjouwerman

The NY Times reported some surprising numbers: "Officials promised to recruit at least 500 cyberspies and build on the country’s offensive capabilities to take the online battle overseas. ...

CyberheistNews Vol 10 #27 [Heads Up] How Slack Phishing Works - The Latest Tricky Attack Vector

Jun 30, 2020 9:17:31 AM By Stu Sjouwerman

Phishing in Irish Streams

Jun 30, 2020 8:24:18 AM By Stu Sjouwerman

Netflix is warning users in Ireland to be on the lookout for another phishing campaign that’s impersonating the streaming service, Extra.ie reports. The emails inform recipients that ...

It's the Best of 2020! Cyber CSI: Learn How to Forensically Examine Phishing Emails to Better Protect Your Organization

Jun 29, 2020 3:10:24 PM By Stu Sjouwerman

Roger Grimes' lesson on how to forensically examine phishing emails received the highest viewer rating of any webinar so far this year. In case you missed it, make sure to watch this ...

60% of Organizations are Hit by Cyberattacks Spread by Their Own Employees

Jun 29, 2020 8:37:16 AM By Stu Sjouwerman

The unwitting participant appears to be alive and well, based on new data from security vendor Mimecast. With employees being the source of attack surface expansion, what’s an org to do?

New Sextortion Method Uses Social Engineering and Doxing To Identify and Target Victims

Jun 29, 2020 8:33:43 AM By Stu Sjouwerman

According to the SANS Internet Storm Center, cybercriminals are engaging their victims online, using social engineering tactics to collect needed details to extort money.

New Dropbox-Based Pandemic Relief Payment Scam Targets U.K. Microsoft 365 Users, Bypassing Email Security

Jun 29, 2020 8:30:45 AM By Stu Sjouwerman

Using a Dropbox Transfer page, this new scam presses all the urgency buttons while eluding detection as being malicious in an effort to steal the victim’s online credentials.

Hit Them When They're Down: Two Cyberattacks Leave Operations Halted with a Ransom to Pay

Jun 29, 2020 8:26:48 AM By Stu Sjouwerman

A recent cyberattack on Australian beverage manufacturer Lion demonstrates how even a modicum of precaution after an attack can spell doom for operations.

One Letter Away: Impersonation, Bitcoin, and Phishing Expeditions

Jun 29, 2020 8:21:19 AM By Stu Sjouwerman

KrebsOnSecurity reports that a phishing website has been impersonating the private messaging service Privnote.com in order to steal Bitcoin. The real Privnote is a free site that allows ...

Phishing Attacks Significantly Increase in Singapore During COVID-19 Pandemic

Jun 26, 2020 8:55:57 AM By Stu Sjouwerman

The number of phishing attacks in Singapore to give up personal information has almost tripled in the last year and doubled during the COVID-19 pandemic, according to the Cybersecurity ...

Work From Home in America Sets Major Target for Russian Hackers

Jun 26, 2020 8:55:36 AM By Stu Sjouwerman

A Russian ransomware group named "Evil Corp" who was indicted by the Justice Department in December is now targeting employees working from home during the COVID-19 pandemic and ...

Security Awareness Training Blog

View Topics