Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Anyone Can Be Scammed and Phished, With Examples

I recently read an article about a bright, sophisticated woman who fell victim to an unbelievable scam. By unbelievable, I mean most people reading or hearing about it could not believe ...
Continue Reading

Malware Delivered Through Phishing Surges 276%

Researchers at VIPRE Security observed a 276% increase in malware delivered by phishing between Q1 and Q4 of 2023.
Continue Reading

[INFOGRAPHIC] KnowBe4’s Learner App by the Numbers

The KnowBe4 Learner App enables your users to complete their security awareness and compliance training conveniently from their smartphones and tablets.
Continue Reading

The Unsettling Leap of AI in Video Creation: A Glimpse Into Sora

In the rapidly evolving landscape of artificial intelligence (AI), the launch of Sora by OpenAI marks an unnerving milestone in video synthesis.
Continue Reading

IBM Tests Audio-Based Large Language Model to Hijack Live Conversations

With the idea in mind to “audio-jack” a live call-based banking transaction, security researchers were successful in inserting cybercriminal-controlled account details.
Continue Reading

Malvertising Campaign Spreads Phony Utility Bills

A widespread malvertising campaign is attempting to trick users into paying phony utility bills, according to researchers at Malwarebytes.
Continue Reading

[On-Demand Webinar] Making The Return on Investment (ROI) Case For Security Awareness Training

As an InfoSec professional, one of your many important responsibilities is to minimize expensive downtime and prevent data breaches.
Continue Reading

State-Sponsored Threat Actors Targeting European Union Entities With Spear Phishing Campaigns

Numerous state-sponsored threat actors frequently launched spear phishing attacks against European Union entities last year, according to a new report from the EU’s Emergency Response ...
Continue Reading

Only 7% of Organizations Can Restore Data Processes within 1-3 Days After a Ransomware Attack

New data on how organizations are able to respond to ransomware attacks also shows that paying a ransom is highly likely, despite having a policy of “Do Not Pay.”
Continue Reading

[On-Demand Webinar] The IT Pro's How-to Guide to Building a Strong Security Culture

The thought of building and improving your organization’s security culture can seem like a daunting task. How can you influence an entire culture? With the right plan, buy-in and content, ...
Continue Reading

Augmented Security: The Impact of AR on Cybersecurity

Recently, Apple launched its Apple Vision Pro to much fanfare and has pushed the discussion of Augmented Reality (AR) beyond the realms of gaming and entertainment. From healthcare ...
Continue Reading

Messaging Platform Telegram Sprouts Cyber Crime “Marketplaces” of Tools, Insights and Data

Cybercriminals are taking advantage of the messaging platform Telegram by creating channels and groups where learning and commerce all can take place freely.
Continue Reading

Iran-Aligned Threat Actor "CharmingCypress" Launches Spear Phishing Attacks

Researchers at Volexity warn that the suspected Iranian threat actor CharmingCypress (also known as “Charming Kitten” or “APT42”) has been launching spear phishing attacks against Middle ...
Continue Reading

Over Half of Malware Downloads Originate from SaaS Apps

As the popularity of SaaS apps continues to grow, security analysts expect the misuse of such apps as the host for malware downloads to continue to rise through 2024.
Continue Reading

Phishing Campaign Exploits Remote Desktop Software

A phishing campaign is attempting to trick users into downloading remote monitoring and management (RMM) software like AnyDesk, Atera, and Splashtop, according to researchers at ...
Continue Reading

Number of Data Compromises Affecting U.S. Organizations Rises 77%

New data summarizing the compromises of data in 2023 provides key details on who’s being targeted, what types of data is being compromised, and what attack vectors are being used.
Continue Reading

Cupid’s Arrow of Cyber Scams

Valentine's Day. A time where love is in the air, florists work overtime, and restaurant tables are as scarce as a truthful politician. But as we're busy swiping right in hopes of finding ...
Continue Reading

Another Ransomware-as-a-Service Known as “Wing” Takes Flight on the Dark Web

Analysis of this newly-spotted service makes it clear that the newest entrant into the Ransomware-as-a-Service (RaaS) space has taken note of where predecessors are lacking and launched a ...
Continue Reading

AI in Cyberspace: A Double-Edged Sword

The UK's National Cyber Security Centre (NCSC), recently shared its findings on how AI might reshape the cyber landscape. In two separate posts, the NCSC is warning that the global ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews