NSO spyware ‘targets Big Tech cloud services’

Jul 19, 2019 10:15:28 AM By Stu Sjouwerman

The Israeli company whose spyware hacked WhatsApp has told buyers its technology can surreptitiously scrape all of an individual’s data from the servers of Apple, Google, Facebook, Amazon ...

Lateral Phishing Used To Attack Organizations On Global Scale

Jul 18, 2019 4:55:47 PM By Stu Sjouwerman

Warwick Ashford at ComputerWeekly reported: "Lateral phishing is a growing type of account takeover that has enabled attackers to target more than 100,000 people by hijacking just 154 ...

Whoa Nellie. BEC Scams Average USD 300 Million Per Month In Illegal Transfers

Jul 18, 2019 11:04:26 AM By Stu Sjouwerman

New data compiled by the Financial Crimes Enforcement Network (FinCEN) shows that illegal transactions linked to business email compromise (BEC)—aka CEO Fraud— scams averaged $300 million ...

CBInsights Welcomes KnowBe4 To The Cybersecurity Unicorn Club

Jul 18, 2019 9:51:43 AM By Stu Sjouwerman

CBInsights wrote: "Cybersecurity unicorns (*) are being minted at a faster rate than ever before, and $1B+ valuations are coming through even larger funding rounds. Private companies are ...

Microsoft Notifies 10,000 Customers About Nation-state Cyber Attacks

Jul 18, 2019 9:43:43 AM By Stu Sjouwerman

In an article about cyber security related to voting machines, an interesting snippet of information surfaced: “Microsoft said it has notified almost 10,000 customers in the past year ...

SANS Security Awareness Report Highlights the Rising Era of Awareness Training

Jul 18, 2019 8:40:14 AM By Stu Sjouwerman

SANS Security Awareness, a division of SANS Institute, announced they have released their new 2019 Security Awareness Report. In its fifth consecutive year, this very useful annual report ...

[INFOGRAPHIC] Employees receive nearly five phishing emails per work week, according to Avanan

Jul 18, 2019 7:14:33 AM By Stu Sjouwerman

One in every 99 work emails is a phishing attack, according to a recent Avanan report. With employees accustomed to a busy inbox, it's easy to fall victim to a phishing attack disguising ...

Mimecast Identifies Brand New Phishing Tactic Called "SHTML"

Jul 17, 2019 3:24:15 PM By Stu Sjouwerman

In early April, the Mimecast Threat Center team discovered a rare type of server-parsed HTML (SHTML) based phishing attack emerging from the UK.

Chinese Hackers Use Island Hopping to Steal Industrial and Commercial Secrets in 5-year Attack on the World’s Largest Technology Service Providers

Jul 16, 2019 4:30:07 PM By Stu Sjouwerman

Dubbed the “Cloud Hopper” campaign, victim companies such as Ericsson, HPE, IBM, and more were targets of exfiltration aimed and helping advance the Chinese economy.

Microsoft Discovers New Excel-Based Attack to Deliver the FlawedArmmyRAT Malware

Jul 16, 2019 3:27:14 PM By Stu Sjouwerman

A new set of tweets from Microsoft Security Intelligence walks through an attack that uses a number of built-in Windows toolsets to infect machines with the notorious malware.

Attacker’s Use of OneDrive as a Malicious File Host Jumps Over 3200% in Q1

Jul 16, 2019 3:23:16 PM By Stu Sjouwerman

The need for reputable hosting services to make phishing scams involving malicious files look legitimate has caused a rise in popularity for Microsoft’s cloud-based file sharing service.

Evite Invites Over 100 Million People to Their Data Breach

Jul 16, 2019 3:19:37 PM By Stu Sjouwerman

Larry at Bleepingcomputer wrote: "The data breach monitoring service Haveibeenpwned.com has added a database dump of almost 101 million Evite users who had their information exposed when ...

[VIDEO] KnowBe4 Quarterly Platform Update Q2-2019

Jul 16, 2019 11:25:21 AM By Stu Sjouwerman

CyberheistNews Vol 9 #29 Scam of the Week: Microsoft OneNote Audio Note Phishing Emails

Jul 16, 2019 9:34:25 AM By Stu Sjouwerman

UK Mid-Sized Firms Lost £30bn to CyberAttacks in 2018

Jul 16, 2019 7:24:18 AM By Stu Sjouwerman

Phil Muncaster at InfoSec Mag reported that "Cybersecurity incidents have cost UK mid-market firms a combined £30bn over the past year as automated attacks become the norm, according to ...

Is ‘REvil’ the New GandCrab Ransomware?

Jul 15, 2019 3:20:04 PM By Stu Sjouwerman

Brian Krebs wrote: "The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned ...

NEW SANS Whitepaper: Automating Response to Phish Reporting

Jul 15, 2019 8:00:00 AM By Stu Sjouwerman

As part of his SANS Technology Institute Master's degree, Geoffrey Parker recently published a whitepaper called Automating Response to Phish Reporting that got an A, was made a gold ...

An Amazon Phishing Scam Hits Just In Time For Prime Day

Jul 13, 2019 11:25:41 AM By Stu Sjouwerman

Amazon has confirmed that Prime Day 2019 will begin at 12 a.m. PT on Monday, July 15 and conclude at 11:59 p.m. PT on Tuesday, July 16.

TrickBot Malware May Recently Have Hacked 250 Million Email Accounts

Jul 13, 2019 10:52:40 AM By Stu Sjouwerman

Endgadged reported that "TrickBot malware may recently have stolen as many as 250 million email accounts, including some belonging to governments in the US, UK and Canada. The malware ...

[Heads-up] New eCh0raix Ransomware Strain Targets NAS Devices

Jul 12, 2019 9:58:00 AM By Stu Sjouwerman

ITPro Today reported: "The eCh0raix ransomware uses a brute-force credential attack to gain access to data stored in QNAP NAS devices.

Security Awareness Training Blog

View Topics