Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

U.S. Department of Health Alert: Hackers are Targeting IT Help Desks at Healthcare Organizations

A new sector alert published by the U.S. Department of Health and Human Services outlines new attacks in which social engineering is used to obtain credentials for online fraud.
Continue Reading

Cyber Attacks Could Cause Global Bank Runs

The International Monetary Fund (IMF) has warned that severe cyber attacks against financial institutions could lead to major bank runs and market selloffs. While this hasn’t happened ...
Continue Reading

UK Councils Under Cyber Attack: The Urgent Need for a Culture of Cybersecurity and Resilience

The very fabric that stitches our society together — our councils and local governing bodies — is under a silent siege from cyber attacks. The recent ransomware assault on Leicester ...
Continue Reading

Yesterday, in DC, I was given the Holland on the Hill Freddy Heineken Award

The Holland on the Hill Freddy Heineken Award honors an entrepreneur who has made a substantial and positive contribution to the US-Dutch economic relationship, exemplifying the best of ...
Continue Reading

Water Facilities Compromised By Iranian Threat Actors

In December 2023, a joint alert was issued by the FBI, CISA, NSA, EPA, and INCD regarding Iranian cyber actors known as "CyberAv3ngers" linked to Iran's Islamic Revolutionary Guard Corps ...
Continue Reading

Top Tax Scams of 2024 Your Organization Should Watch Out For

As the April 15, 2024 filing deadline approaches, tax scammers are working overtime to take advantage of rushed or stressed taxpayers.
Continue Reading

Malvertising Campaigns Surged in 2023

Researchers at BlueVoyant observed a 50% increase in large-scale malvertising campaigns in 2023 compared to 2022.
Continue Reading

Critical Improvements To The Seven Most Common Pieces of Cybersecurity Advice

I have been in the cybersecurity industry for over 35 years and I am the author of 14 books and over 1,400 articles on cybersecurity.
Continue Reading

New Phishing-as-a-Service (PhaaS) platform, 'Tycoon 2FA', Targets Microsoft 365 and Gmail Accounts

A new PhaaS service brings the power of bypassing multi-factor authentication (MFA) to the world’s most-used email platforms.
Continue Reading

All The Ways the Internet is Surveilling You

Your personal information is continuously harvested and analyzed by countless data brokers eager to sell to the highest bidder. From your name to your online activities, to your ...
Continue Reading

Australian Government Commits to Become a World-Leader in Cybersecurity by 2030

The Australian Government has leveraged insight from cybersecurity experts to create a new six-part plan to combat cybersecurity over the coming decade.
Continue Reading

Tokyo Police Department Warns of Phishing Scam That Uses Phony Arrest Warrants

The Tokyo Metropolitan Police Department has warned of a phishing scam that’s attempting to trick individuals with phony arrest warrants, the Japan Times reports.
Continue Reading

Large-Scale StrelaStealer Campaign Impacts Over 100 Organizations Within the E.U. and U.S.

A new campaign of StrelaStealer attacks identified by security analysts at Unit42 has been spotted targeting E.U. and U.S. organizations. This somewhat new infostealer has evolved to be ...
Continue Reading

The Cyber Achilles' Heel: Why World Leaders and High-Profile Individuals Must Prioritise Cybersecurity

Social media has become an indispensable tool for communication, outreach, and engagement. From world leaders to high-profile individuals, these platforms offer an unparalleled ...
Continue Reading

Catfishing Campaign Targets Members of the UK Government

At least twelve men working in the UK parliament have recently been targeted by WhatsApp spear phishing messages, POLITICO reports. The targeted individuals include “a senior Labour MP, ...
Continue Reading

Apple Users Become the Latest Targets of MFA Attacks

A new string of multi-factor authentication (MFA) attacks targeting the reset of Apple IDs seem to be popping up in a likely attempt to steal the victim’s digital identity and more.
Continue Reading

IT Leaders Can’t Stop AI and Deepfake Scams as They Top the List of Most Frequent Attacks

New data shows that the attacks IT feels most inadequate to stop are the ones they’re experiencing the most.
Continue Reading

Malicious App Impersonates McAfee to Distribute Malware Via Text and Phone Calls

A trojanized version of the McAfee Security app is installing the Android banking Trojan “Vultur,” according to researchers at Fox-IT. The attackers are spreading links to the malicious ...
Continue Reading

New Report Shows Phishing Links and Malicious Attachments Are The Top Entry Points of Cyber Attacks

New TTP attack data covering 2023 sheds much needed light on the threat actor and user actions that are putting organizations at the most risk.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews