[Scam Of The Week] Don't Fall For This Tricky: “Start your 2020 with a gift from us”

Jan 13, 2020 7:00:00 AM By Stu Sjouwerman

Paul Ducklin at Naked Security warned us about a scam that just surfaced and promises a gift by courier from overseas where the other person hasn’t told you what they’re sending – the ...

REvil Ransomware: "Pay Us One Way Or The Other!"

Jan 10, 2020 12:36:42 PM By Stu Sjouwerman

The Wall Street Journal and Bleeping Computer reported that Travelex, a foreign-currency exchange company, was hit by the ReVil/Sodinokibi actors on New Year's Eve and that its network ...

Cybercriminal Offers a “How To” Guide for Robbing Banks; Uses Cayman National Bank as the Example

Jan 10, 2020 10:05:49 AM By Stu Sjouwerman

This latest document from notorious hacker Phineas Phisher, along with a leaked report from PwC, shows how easy it is for a bank to be hacked and defrauded.

Phishing Attacks Impersonating Canadian Banks Work So Well, the Campaign Has Been Running for Two Years

Jan 10, 2020 9:56:20 AM By Stu Sjouwerman

As part of a massive ongoing phishing campaign, the same group of attackers leverage hundreds of lookalike phishing websites to steal from unsuspecting banking customers. Security ...

The Top 5 Eyeopener Strategies To Improve Your IT Defenses And Keep Bad Guys Out Of Your Network

Jan 9, 2020 4:16:06 PM By Roger Grimes

Last year, in 2019 according to CVEdetails, there were 12,174 new, publicly announced vulnerabilities. If that sounds like a high number, it’s a lot less than the previous two years. We ...

Bahrain’s National Oil Company Hit by Iranian "DustMan" Data Wiper

Jan 9, 2020 2:43:30 PM By Stu Sjouwerman

The Bahrain National Oil Company was attacked by Iranian state-sponsored hackers implanting a destructive data wiper nicknamed "DustMan."

New Office 365 Phishing Attack Targets OAuth Apps Instead of Credentials

Jan 9, 2020 8:43:14 AM By Stu Sjouwerman

Trying to steal your username and password is so “yesterday.” The 2020 Hacker is now leveraging Office 365 OAuth APIs to gain control over user mailboxes with phishing tactics.

The Better the Phishing Protection Gets, the More Sophisticated Phishing Attacks Are Getting

Jan 9, 2020 8:34:29 AM By Stu Sjouwerman

Microsoft’s review of how phishing has evolved over the last year highlights some of the great lengths attackers will go to in order to avoid being detected as a phishing campaign.

Scammer Who Tricked Facebook and Google Out of $120 Million Gets 5 Years in Jail

Jan 9, 2020 8:29:01 AM By Stu Sjouwerman

The Lithuanian hacker who ran the most notorious, simplest, and most lucrative email-based social engineering fraud scam has been brought to justice and will be serving time and paying ...

Of Course, Scammers Exploit Fears of Iranian Hacking

Jan 9, 2020 8:23:29 AM By Stu Sjouwerman

A new phishing campaign is attempting to frighten people into handing over their credentials by claiming Microsoft was hacked by Iran, BleepingComputer reports. The campaign is ...

JudicialWatch: "Epidemic of Government Employees Watching Porn on Taxpayer Time"

Jan 9, 2020 7:55:43 AM By Stu Sjouwerman

I'd like to point at a type of security behavior that is enormously risky. Judicial Watch just released a post that's a major heads-up for anyone: "An epidemic of federal employees ...

Articles and updates from the KnowBe4 Technical Content Team Q4 2019

Jan 9, 2020 7:00:00 AM By Stu Sjouwerman

December Content Update: Includes New Versions of Email Exposure Check Pro and Phishing Security Test Tools

Jan 8, 2020 5:36:43 PM By Stu Sjouwerman

Here are a few important updates to share with you from the month of December.

Texas Government Agencies Are Seeing 10,000 Attempted Cyber Attacks Per Minute From Iran. But Is That News?

Jan 8, 2020 10:05:33 AM By Stu Sjouwerman

The Texas Trib wrote yesterday: "Gov. Greg Abbott is warning Texans to be “particularly vigilant” regarding potential cyberterrorism from Iran, suggesting that heightened tensions with ...

Smishing Examples & Defenses

Jan 8, 2020 10:04:15 AM By Roger Grimes

Smishing is phishing via Short Message Service (SMS) on a participating device, usually a cell phone. Long neglected by phishers and spammers, smishing has recently become a very common ...

Mobile Threats Shouldn't be Overlooked

Jan 8, 2020 8:31:11 AM By Stu Sjouwerman

Phishing attacks against mobile devices can be just as damaging to an organization as attacks targeting workstations and laptops, according to a market report by Cyber Security Hub. ...

Encryption Isn’t Your Only Ransomware Problem - There Are Some Other Nasty Issues

Jan 7, 2020 12:05:54 PM By Roger Grimes

Ransomware has become one of the most dreaded problems in the cyber world and it’s only getting worse. Much worse!

Phishing Emails on the Rise as Spear Phishing Continues to Return Bigger Payouts

Jan 7, 2020 8:59:42 AM By Stu Sjouwerman

New data from Microsoft Security Insights sheds some needed light on exactly what the bad guys are doing and how they’re shifting tactics. Sometimes it feels like the bad guys are ...

Smishing and Deepfakes Top the List of Cyber Attack Methods Expected in 2020

Jan 7, 2020 8:54:30 AM By Stu Sjouwerman

You want to know what to expect from data breaches, phishing attacks, and other calculated methods in 2020? There’s no better source than Experian’s seventh-annual Data Breach Industry ...

Business Email Compromise Attack Uses a “Man-in-the-Middle” Email Attack to Steal $1M

Jan 7, 2020 8:49:03 AM By Stu Sjouwerman

Dubbed the “ultimate” Man-in-the-Middle attack by security researchers at Checkpoint, this CEO fraud attack shows how brazen cybercriminals can be – and how organizations need to be ...

Security Awareness Training Blog

View Topics