Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

"It can't hurt to open one little attachment, can it?"

Brad Haan sent me this riot cartoon:

PhishLabs Reports That Credential Phishing Has Shifted To The Enterprise

Why is credential phishing moving from consumers to the enterprise, just like ransomware has done in the last 2 years? The answer might surprise you. Elliot Volkman at the PhishLabs ...

ModStore Update: "2018 Safe Web Browsing" and "Ransomware" Localized in 20 Languages

We have some good news! The 20 language versions of the "2018 Safe Web Browsing" and "2018 Ransomware" modules are now better than ever. As of today, the following improvements are now present ...

Phishing threats still dwarf vulnerabilities and zero-days

Rob Wright at SearchSecurity wrote: "Proofpoint research shows that while phishing attacks now require victims to take more steps, the success rate for such attacks hasn't declined and ...

Gone Phishing: Employer Faces Liability for Mistakenly Disclosing W-2 Forms to Scammer

Attorneys Zuckerman Spaeder noted on JDSUPRA: "When employers are caught off guard, they can face not only the loss of their own assets, but also liability to their employees. For ...

Scam Of The Week: World's Largest Phishing Botnet Grows Evasive

The notorious Necurs botnet is one of the oldest and largest spam and phishing delivery systems in existence. It controls millions of machines that the criminal botmasters use to send ...

PDF Files Can Be Abused to Steal Windows Credentials

PDF files can be weaponized by malicious actors to steal Windows credentials (NTLM hashes) without any user interaction, and only by opening a file, according to Assaf Baharav, a security ...

Ransomware up 350% says 2018 Global Threat Intelligence Report

NTT Security 2018 Global Threat Intelligence Report (GTIR): Ransomware up 350% and spyware ranks first in volume of malware at 26% reflecting attackers' desire for long-term presence for ...

Researchers discover next generation phishing kit

Researchers at Check Point and CyberInt have discovered a new generation of phishing kit that is readily available on the Dark Web. The new kit, compiled and offered by a criminal whose ...

Center for Orthopaedic Specialists notifies 85,000 patients of ransomware infection

Another indicator that a ransomware infection is seen as a HIPAA data breach and needs to be reported. The Center for Orthopaedic Specialists (COS) in California has three locations in ...

Yahoo Pays $35 Million Penalty For The Hot Mess Of Their Massive Data Breach

This is the first time that a public company gets fined by regulators for failure to properly investigate their 2014 data breach, and disclose it to shareholders. Technically this is not ...

Mysterious “double kill” Word/IE zero-day allegedly in the wild as phishing attack

“Double kill” is a bragging term from the world of violent video gaming – it means you finished off two assailants with a single shot. In the world of cybercrime, it’s the name given by ...

Ransomware Attack Costs Dutch Builder 60,000 Euros

A ransomware infection has cost Dutch builder Almi Machinebouwers at least 60,000 euros. That is what director Frank Landhuis said in an interview with Sprout. Due to the infection, ...

New Large Email Security Gap Analysis Shows a Massive 15% Failure Rate

We thought it was bad when we saw Cyren's recent analysis that 10.5% of bad emails made it through the filters. It could even be worse than that. "Mimecast's latest ESRA (email security ...

[On-Demand Webinar] The Science and Methodology Behind Social Engineering

No matter how much security technology we purchase, we still face a fundamental security problem: people. Our CEO Stu Sjouwerman was interviewed by Information Security Media Group at RSA ...

Poll: What Security Measures Are Most Effective In Fighting Ransomware?

The Spiceworks staff wrote: "Years after CryptoLocker raised its ugly head — setting off an unfortunate security trend — ransomware continues to be a rather painful thorn in the side of ...

Many of us will be at the RSA Conference in SanFran this week. Here are some quick tips!

Lance Spitzner said: Eat breakfast, it may be the last meal you get that day. Schedule the most important meetings in the morning. RSA gives you a back-pack. Don't use it at the con, ...