Bad news: 43% of login attempts 'malicious' Good news: Er, umm...

Feb 21, 2018 11:19:57 AM By Stu Sjouwerman

The Register in the UK reported: "An extraordinary 43 per cent of all attempted online account logins are malicious, Akamai claims in its latest internet security report. "Credential ...

Now HERE Is A Devious Combo pretexting / vishing / SMS Social Engineering Attack!

Feb 21, 2018 11:03:14 AM By Stu Sjouwerman

Someone on Reddit described how he was the victim of a very sophisticated social engineering attack. Wow, this is crafty. This is the story!: "I have different passwords for every website ...

PHISHING SCHEMES NET HACKERS MILLIONS OF DOLLARS FROM FORTUNE 500

Feb 21, 2018 10:39:36 AM By Stu Sjouwerman

IBM has uncovered sophisticated CEO Fraud campaigns—aka Business Email Compromise—which are successfully targeting Fortune 500 companies. On Wednesday, researchers from IBM's X-Force ...

Cryptojacking Scripts And Phishing Pages Could Soon Invade Your Word Documents

Feb 21, 2018 7:19:39 AM By Stu Sjouwerman

Let's open that doc file and watch the Matrix again. Catalin Cimpanu at Bleepingcomputer had the scoop on this concerning news: "Cryptojacking scripts that mine Monero via JavaScript code ...

[Heads-up] The May 2018 GDPR Deadline May Fuel New Extortion Attempts

Feb 20, 2018 11:21:29 AM By Stu Sjouwerman

Trend Micro has released its annual security roundup, and it shows several interesting trends that will likely continue into 2018. There is bad news and worse news, with a little bit of ...

Global Cyber Security Risk Perception: Highest Management Priorities

Feb 19, 2018 10:50:24 AM By Stu Sjouwerman

Few organizations are highly confident in their ability to manage the risk of a cyber-attack, despite viewing cybersecurity as a top risk management priority, according to a survey ...

CyberheistNews Vol 8 #8 Scam of the Week: Lowlife Scum Exploits Recent Florida Parkland School Shooting

Feb 19, 2018 10:17:54 AM By Stu Sjouwerman

Scam Of The Week: Lowlife Scum Exploits Recent Florida Parkland School Shooting

Feb 16, 2018 7:27:24 AM By Stu Sjouwerman

Just when you think they cannot sink any lower, criminal internet scum are now exploiting the Parkland tragedy in Florida. Unfortunately, from this spot I have been warning about these ...

Edward Snowden returns to U.S.! Oops, nope, it's a phishing scam

Feb 15, 2018 2:19:38 PM By Stu Sjouwerman

Bradley Barth at SCMedia nailed it when he wrote: "No, NSA whistleblower and U.S. fugitive Edward Snowden did not just purchase a 2 terabyte storage plan for iCloud, nor has he moved back ...

Trusted Sites Often Deliver Phishing Attacks: Study

Feb 15, 2018 12:56:15 PM By Stu Sjouwerman

Ray Schultz at MediaPost had a great summary of some troublesome news: "Some of the world’s most popular websites are also the most dangerous when in comes to phishing attacks, according ...

New Research: Number of Microsoft vulnerabilities continues to go up over the years

Feb 15, 2018 12:34:37 PM By Stu Sjouwerman

The number of Microsoft vulnerabilities has more than doubled in the last five years, according to the fifth annual Microsoft Vulnerabilities Report from Avecto. The global security ...

New Multi-Stage Word Phishing Attack Infects Users Without Using Macros

Feb 15, 2018 11:06:24 AM By Stu Sjouwerman

Spam distributors are using a new technique to infect users with malware, and while this phishing attack relies on having users open Word documents, it does not involve social engineering ...

Lazarus Hacking Group back with new phishing campaign targeting banks and bitcoin users

Feb 15, 2018 10:50:24 AM By Stu Sjouwerman

The North Korean Lazarus Hacking Group, suspected to be behind the WannaCry ransomware attack last year, has returned with a new crime spree, this time targeting financial institutions ...

Security Awareness Training Top Priority for CISOs: Report [PDF]

Feb 14, 2018 11:07:32 AM By Stu Sjouwerman

SecurityWeek's Kevin Townsend wrote an excellent summary of the brand new FS-ISAC - "CISO Cybersecurity Trends Study": "Thirty-five percent of CISOs in the financial sector consider staff ...

CyberheistNews Vol 8 #7 [Heads-up] 2018 Winter Olympics Phishing Campaign Hides Evil Script in Image

Feb 13, 2018 9:30:54 AM By Stu Sjouwerman

KnowBe4 Attains SOC 2 Type I Compliance For The Hosted Phishing And Training Product Offerings

Feb 11, 2018 1:59:38 PM By Stu Sjouwerman

KnowBe4, Inc, the world's largest security awareness training and simulated phishing platform, this week announced it has successfully completed a Service Organization Controls (SOC) 2 ...

WHAT IS “REASONABLE CYBER SECURITY” AND HOW DO COURTS VIEW IT?

Feb 11, 2018 6:59:53 AM By Stu Sjouwerman

Shawn Tuma is an attorney with an internationally recognized reputation in cybersecurity, computer fraud, and data privacy law. He is a Cybersecurity & Data Privacy Attorney at Scheef ...

New Trend In Phishing: Conversation Hijacking

Feb 10, 2018 9:44:47 AM By Stu Sjouwerman

Researchers see a new trend in phishing. Hackers are inserting themselves into email conversations between parties known to and trusted by one another. Once in, they exploit that trust to ...

2018 Winter Olympics Phishing Campaign Hides Evil PowerShell Script In Image

Feb 9, 2018 7:22:05 AM By Stu Sjouwerman

Jonathan, at our friends at Barkly wrote: "Hi all, according to researchers at McAfee, a new malware campaign is targeting organizations associated with the upcoming 2018 Winter Olympics ...

Tennessee Hospital Hit With Cryptojacking Attack Sends Out Databreach Notification

Feb 9, 2018 7:03:22 AM By Stu Sjouwerman

Decatur County General Hospital is notifying 24,000 patients of cryptomining software on its EMR system. In what may be the first report I’ve seen of a hospital having their EMR server ...

Security Awareness Training Blog

View Topics