Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Strange Chinese APT Interest in Buying Batches of AV Products

The Chinese military unit was recently accused of carrying out a years-long cyber espionage. The accusation from Japanese authorities was due to China's People Liberation Army buying ...
Continue Reading

New IceID Phishing Attack Targets Website Owners Using Image Copyright Infringement as The Hook

Spotted by the Microsoft 365 Defender Threat Intelligence Team, this new phishing attack threatens legal action to trick victims into installing information-stealing malware.
Continue Reading

W-2 Form Office 365 Credential Scam Creatively Uses Typeform Service to Bypass Security Checks

By creating phishing site pages using an online service for building surveys and forms, scammers figured out an original way to trick users out of their Office 365 credentials.
Continue Reading

Cybersecurity Spend Is Now More Than 20% of the Average IT Budget As 91% of Organizations Suffering an Attack had Operations Impacted

The latest data from the Hiscox Cyber Readiness Report highlights how organizations are experiencing cyber threats and how they are responding to increase their readiness for next time.
Continue Reading

[HEADS UP] New Malware Families Found in Phishing Campaign

Researchers from FireEye's security team found new malware families in a financial phishing campaign. The Malware strains are dubbed Doubledrag, Doubledrop, and Doubleback and have been ...
Continue Reading

Genesis Market: a Study in the C2C Economy

Researchers at Digital Shadows describe Genesis Market, a criminal-to-criminal marketplace that aggregates and sells digital fingerprints to facilitate cyberattacks. The researchers say ...
Continue Reading

A Snapshot of the Ransomware Landscape

Organizations need to take steps to disrupt the ransomware industry by making these attacks more expensive to carry out, according to Jen Miller-Osborn from Palo Alto Networks' Unit 42. ...
Continue Reading

UK IT Decision Makers Fear Their Remote Workers Put Company Data at Risk for Data Breach

According to an annual survey from Apricorn, UK IT decision makers are fearing the worst as their staff continues to work in a remote environment.
Continue Reading

Do Ransomware Gangs Restore Data, Even After They're Paid?

Only 8% of ransomware victims get all of their data back after paying the ransom, according to researchers at Sophos. The researchers found that, on average, victims who pay the ransom ...
Continue Reading

May the 4th Be With You and Your Users!

May the force be with you, May the fourth be with you, may the phish not attack you. Okay, so it does not quite rhyme, but you get the idea. We reach the fourth day of the fifth month of ...
Continue Reading

The Cost of Remediating a Ransomware Attack More than Doubles and is Quickly Approaching $2 Million

With 54% of organizations unable to stop a ransomware attack before data is encrypted and operations are impacted, the increasing cost of ransomware remediation is troubling.
Continue Reading

U.K. Royal Mail-related Phishing Scams Are Up 645%

New data from CheckPoint highlights how scammers are using simple shipping-related social engineering scams to trick victims into giving up personal information and credit card details.
Continue Reading

Ransomware Operators Threaten to Short Victims’ Stocks

The Darkside ransomware operators are now offering to tip off unscrupulous stock traders before they post the names of publicly traded victim companies, the Record reports. The criminals ...
Continue Reading

Why Should We Care About Personal Smishing Attacks?

I am not sure what is going on these days, but for several weeks, I have received far more SMS-based phishing (i.e., smishing) attacks than usual.
Continue Reading

Ransomware Demands Spike by 43% Already in 2021

Cybercriminal groups are increasing their automated and tactical ransomware attacks. Unfortunately, that also means they have an increase in greed.
Continue Reading

[HEADS UP] Ransomware Gangs are Creating Ransomware Cartels

Analysis by threat intelligence group Analyst1 recently uncovered that the bad guys are responsible for forming a ransomware cartel.
Continue Reading

Scammers Target Rogers Customers With SMS Messages

Scammers are targeting Rogers customers with text messages offering $50 refunds, according to BleepingComputer. The Canadian telecommunications provider suffered a widespread outage last ...
Continue Reading

Federal Reserve Chairman Jerome Powell Cites Cyberthreats as Current “Biggest Concern” to Financial Institutions

Fears of a resurgence of COVID-19 and increased cyberattacks are mentioned as top risks that can materially impact the finance sector and the economy, by Jerome Powell in a recent ...
Continue Reading

Security Culture Influenced by the Global Effects of COVID-19

In the Industry Benchmark section of the 2021 Security Culture Report, we describe the security culture scores of each industry sector in detail. This section of the report can be used to ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews