Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

[Heads-Up] A Hacker Is Selling Access To The Email Accounts Of Hundreds Of C-Level Executives

ZDNet's Zero Day column just reported one of the best reasons why you should step your users through new-school security awareness training yet:
Continue Reading

The Risk of the “To” Line

Micropayments company Coil accidentally exposed at least a thousand of its customers’ email addresses by including their addresses in the “To” field of an email, BleepingComputer reports. ...
Continue Reading

Credential-Stealing VPN Exploits

A hacker has published an exploit for a critical vulnerability in Fortinet VPN devices, along with a list of 49,577 vulnerable devices, BleepingComputer reports. Fortinet released a patch ...
Continue Reading

How Many Phishing Sites? Over 2 Million in 2020 (so far)

Google has flagged 2.02 million phishing sites since the beginning of the year, averaging forty-six thousand sites per week, according to researchers at Atlas VPN. The researchers note ...
Continue Reading

2021 Prediction: Expect Ransomware Attacks Will Increase in Frequency and Variety

A new forward-looking report from security vendor FireEye Mandiant predicts the greatest single cyber threat today is only going to become a greater menace next year.
Continue Reading

Email Sandboxes Are Detected and Rendered Useless in New Office 365 Phishing Attack

A new threat tactic is being used to determine if sandbox environments are being used to gain more information about a potential phishing attack, allowing the bad guys to avoid detection.
Continue Reading

Ransomware Downtime Costs for SMBs Are 50 Times More than the Ransom Itself!

No one has less cash on hand to spend on dealing with a cyberattack than the small business. New data shows ransomware is a challenge for SMBs and they aren’t prepared for the costs.
Continue Reading

The COVID-19 Vaccine: The Next Wave of Coronavirus Phishing Emails & What You Can Do About It

With infection rates once again soaring in the United States and other countries around the world, the race to produce a COVID-19 vaccine has generated welcome news for a population ...
Continue Reading

Beware of Black Friday Deals That Are Too Good To Be True

Black Friday is a great day for anyone looking to nab a retail bargain. And retailers want to see products fly off their physical and virtual shelves by putting out unbelievable offers. ...
Continue Reading

Famous U.K. Soccer Club Becomes the Next Victim of a Cyber Attack

The famous UK soccer club Manchester United recently became the next victim of a cyber attack. The club stated that the personal data from fans have not been stolen.
Continue Reading

You're Fired (Not Really, Just Clicked on a Phishing Email)

The operators of the BazarLoader malware are using phishing emails that inform people they’ve been terminated from their jobs, according to Linn Freedman, a partner at Robinson & Cole ...
Continue Reading

[Scam of the Week] Black Friday & Cyber Monday Top 10 Cybersecurity Tips

The bad guys are at it again with holiday phishing scams, and this time from the comfort of your user's home. Because we are in the middle of a pandemic, retailers have already started ...
Continue Reading

OPSEC, OPSEC, OPSEC...

The BBC reported: "A Dutch journalist managed to gatecrash a confidential video conference of EU defense ministers. Daniel Verlaan of RTL Nieuws joined the meeting after the Dutch defence ...
Continue Reading

[ModStore Release] New 2021 Versions of 3 Flagship Courses Now Live!

Our Courseware team has been hard at work, and we're proud to announce the release of the 2021 Versions of 3 Flagship Courses!
Continue Reading

Remote Workers Continue to Put Organizations Critically at Risk of Cyberattack

The Insecurity of the remote worker, their devices, personal networks, and bad cybersecurity habits create a massive threat surface for cybercriminals to easily take advantage of.
Continue Reading

One-Third of Employees Say Their Company Has No Cybersecurity Measures in Place While Working from Home

At a time when organizations should be implementing additional security measure to ensure the logical perimeter of their network is protected, new research shows companies aren’t prepared.
Continue Reading

Phishing Attacks Rose by 220% At Pandemic Peak Amid Global COVID-Related Fears

At a time when the last thing we need is more phishing attacks, new data shows that cybercriminals have been stepping up their game, taking full advantage of the pandemic.
Continue Reading

Google's Free Services and Phishing Campaigns: A Likely Pair

Cybercriminals are now launching phishing campaigns that abuse Google's free productivity tools while also using social engineering to trick you into installing malware.
Continue Reading

Spotting Retail Scams During the Holiday Season

People need to be particularly vigilant for scams as we approach the holiday shopping season, according to Laura Brooks at Tessian. Scammers always take advantage of seasonal trends, and ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews