New Ransomware Threat Group Calls Attack Victims to Ensure Payments

Jul 17, 2024 1:50:47 PM By Stu Sjouwerman

Analysis of new ransomware group Volcano Demon provides a detailed look into how and why calling victims ups the chances of ransomware payment.

Malvertising Campaign Impersonates Microsoft Teams

Jul 17, 2024 1:50:43 PM By Stu Sjouwerman

Researchers at Malwarebytes warn that a malvertising campaign is targeting Mac users with phony Microsoft Teams ads. The ads are meant to trick users into installing Atomic Stealer, a ...

[NEW FREE TOOL]: Reveal Your Network's Hidden Weaknesses with KnowBe4's BreachSim Data Exfiltration Simulator

Jul 17, 2024 8:00:00 AM By Stu Sjouwerman

As cyber threats evolve, the target has become crystal clear: your data. A staggering 90% of ransomware attacks now include a data exfiltration component. With this in mind, KnowBe4 has ...

SEC Fines Publicly Traded Company $2.125 Million For Negligence Before, During, and After a Ransomware Attack

Jul 16, 2024 12:26:30 PM By Stu Sjouwerman

According to the filing, the organization in question failed to devise controls to adequately detect, respond to, and disclose an attack that included data exfiltration and service ...

Espionage-Intent Threat Groups Are Now Using Ransomware as a Diversion Tactic in Cyberattacks

Jul 16, 2024 11:40:00 AM By Stu Sjouwerman

A new report focused on cyber espionage actors targeting government and critical infrastructure sectors highlights the strategic use of ransomware for distraction or misattribution.

IRS Warns of Phishing Attacks Targeting Car Dealerships

Jul 16, 2024 11:37:55 AM By Stu Sjouwerman

The US Internal Revenue Service (IRS) has issued an advisory warning of phishing campaigns targeting car dealerships. The IRS says car dealers should be on the lookout for targeted ...

From Reactive to Proactive: Cyber Insurance is Driving Optimal Security Investments for Organizations

Jul 15, 2024 10:54:48 AM By Stu Sjouwerman

New data shows that only 3 percent of organizations are solely relying on their current cyber defenses when adding on cyber insurance, indicating that organizations are beginning to ...

Phishing Continues to Be the Primary Entry to Ransomware Attacks

Jul 15, 2024 10:54:34 AM By Stu Sjouwerman

Phishing remains a top initial access vector for ransomware actors, according to researchers at Cisco Talos. The threat actors often use phishing to steal legitimate credentials so they ...

CyberheistNews Vol 14 #29 [Warn Your Users] High Scam Risk After Failed Trump Assassination

Jul 15, 2024 9:59:19 AM By Stu Sjouwerman

[On-Demand Webinar] Crack the Code on Ransomware: Empowering Your Last Line of Defense

Jul 15, 2024 8:00:00 AM By Stu Sjouwerman

Cybercriminals are maximizing the potential damage to your organization to boost their profits. A staggering 91% of reported ransomware attacks included a data exfiltration effort. Now is ...

[Warn Your Users] High Scam Risk After Failed Trump Assassination

Jul 14, 2024 8:05:51 AM By Stu Sjouwerman

Pictures of Donald Trump rushed from a campaign stage, his cheek brushed with blood from an assassination attempt, are an unsettling shock.

Phishing Attacks Against State and Local Governments Are Surging

Jul 11, 2024 2:01:51 PM By Stu Sjouwerman

Researchers at Abnormal Security have observed a 360% increase in phishing attacks against state and local government entities over the past year.

Ransomware Attacks on Healthcare Is Costing Lives

Jul 11, 2024 2:01:48 PM By Roger Grimes

Ransomware is more prolific and expensive than ever. Depending on the source you read, the average or median ransomware payment was at least several hundred thousand dollars to well over ...

Russian Spear Phishing Campaigns Target NATO Entities

Jul 10, 2024 10:00:52 AM By Stu Sjouwerman

Researchers at Mandiant (part of Google Cloud) warn that Russian government threat actors continue to target NATO member countries with spear phishing attacks. APT29 in particular has ...

From Policy to Practice in Security Culture: What Security Frameworks Recommend

Jul 10, 2024 10:00:48 AM By Anna Collard

Recently I had to prepare for a governance, risk and compliance conference. I promptly realized that although I used to be quite immersed in this field as an ISO 27k implementation ...

Dodgy New Phishing Platform Targets Microsoft 365 Accounts at Financial Firms

Jul 9, 2024 1:59:55 PM By Stu Sjouwerman

Analysis of the latest phishing-as-a-service (PhaaS) platform ONNX Store highlights just how successful these platforms can be.

Amazon-Related Scams Spike Ahead of Prime Day

Jul 9, 2024 1:59:52 PM By Stu Sjouwerman

Researchers at Check Point observed more than a thousand newly registered malicious or suspicious web domains related to Amazon last month. The criminals are likely gearing up to target ...

CyberheistNews Vol 14 #28 [Urgent Alert] 5 Critical Steps to Shield Your Teens from Rising Sextortion

Jul 9, 2024 9:00:00 AM By Stu Sjouwerman

Phishing Attacks Target High Profile YouTube Accounts

Jul 9, 2024 8:32:05 AM By Stu Sjouwerman

Researchers at ESET warn of phishing attacks that are attempting to hack high-profile YouTube channels in order to spread scams or malware.

The Importance of Security Culture: When Telecom Giants Resort to Malware

Jul 9, 2024 8:32:02 AM By Javvad Malik

I recently read a story about a South Korean telecom company that pushed out malware to over 600,000 of its customers who were using torrents to share files, in a bid to limit their ...

Security Awareness Training Blog

View Topics