New Study: Phishing Is Still The Top Threat Faced By Organizations

Aug 20, 2017 10:05:19 AM By Stu Sjouwerman

The new 2017 SANS Threat Landscape survey from the well-known research and education specialist finds that security professionals rate phishing at 72 percent, spyware at 50 percent, ...

Ukrainian Coder May Be First Potential Witness of DNC Phishing Attack

Aug 17, 2017 4:53:23 PM By Stu Sjouwerman

A lengthy and fascinating article in the New York Times by Andrew E. Kramer and Andrew Higgens on August 16, 2017 reported that a Ukranian coder known to his friends on the “dark web” as ...

Large Insurance Company Settles for $5.5 Million over "Failed To Patch" Data Breach

Aug 16, 2017 10:06:24 AM By Stu Sjouwerman

A large insurance company (Nationwide) agreed to pay a total of $5.5 Million to settle charges brought by 32 states resulting from the loss of critical consumer information attributable ...

This Is A First: Spear Phishing Attack Uses Compromised PowerPoint Slide Deck

Aug 15, 2017 9:36:32 AM By Stu Sjouwerman

Bad guys are exploiting the CVE-2017-0199 vulnerability to bypass endpoint security software and deliver the Remcos remote access Trojan via Microsoft PowerPoint decks. This particular ...

Survey of 2600 IT Pros: "Password Procedures Still Are A Cyber Security Fail"

Aug 15, 2017 8:30:00 AM By Stu Sjouwerman

After the NIST passwords bombshell, we surveyed 2,600 IT professionals to find out how they were managing passwords. The answers show that IT Pros are generally receptive to the proposed ...

The Cyber Security Of Our Electricity Grid

Aug 14, 2017 6:12:46 PM By Stu Sjouwerman

Guest Blogger Craig Reeds commented on the safety of our Electricity Grid. "Over the last couple of years, there has been a lot of discussion about the security of the electric grid. We ...

CyberheistNews Vol 7 #32 [ALERT] A Big Locky Ransomware Phishing Attack Infects With the New Diablo6 Strain

Aug 14, 2017 9:36:05 AM By Stu Sjouwerman

OK, Who -Is- This Stu Guy Anyway? [VIDEO]

Aug 13, 2017 11:03:41 AM By Stu Sjouwerman

I had a freelance video PR crew follow me one day at Black Hat, and here are two short clips that will give you an idea of who the heck I am.

APT28 Uses Spear Phishing and NSA EternalBlue Exploit To Attack Hotel Wi-Fi

Aug 13, 2017 10:28:43 AM By Stu Sjouwerman

Russian APT28 (aka the Fancy Bear hacking group) is harnessing EternalBlue; NSA's Windows SMB exploit which made the WannaCry ransomware and Petya so effective — and are using it to ...

Tripwire Black Hat Survey: "68% of Pros Felt Cyber Security Lacking After WannaCry & Petya Attacks"

Aug 13, 2017 8:21:38 AM By Stu Sjouwerman

Over two-thirds of Infosec Pros who were asked at Black Hat if they felt their organizations had made the necessary cyber security improvements since the WannaCry and Petya attacks ...

New Report: Ransomware Attack Downtime, Not Ransom Demand, is the Business Killer

Aug 12, 2017 10:58:49 AM By Stu Sjouwerman

I have been saying this here for the last few years, and I am encouraged to see it now confirmed by a new survey from our friends at Malwarebytes. They released their “Second Annual State ...

Cyber-Attacks Soar by a Quarter as Phishing Dominates

Aug 12, 2017 10:24:28 AM By Stu Sjouwerman

Cyber-attacks were up by a quarter in Q2 2017, with a surprising twist: global manufacturing is now the top target. The report from NTT Security also shows that phishing is the most ...

Locky Ransomware Returns with Phishing Campaign Pushing The Diablo6 Variant

Aug 12, 2017 9:39:28 AM By Stu Sjouwerman

Our friend Larry Abrams at Bleepingcomputer wrote August 9th: "Through a large malspam campaign, Locky is back and currently being heavily distributed worldwide. While Locky was at one ...

HealthCare Industry Needs Prescription For Next Wave of Ransomware Threats

Aug 12, 2017 9:05:45 AM By Stu Sjouwerman

According to a recent article in HealthCare IT News, "Ransomware 2.0: It's Coming, and Healthcare Needs to get Prepared", the next wave of ransomware may be much harder to spot, -- and ...

We Love The PhishMe Free Idea!

Aug 11, 2017 7:40:15 AM By Stu Sjouwerman

Yesterday, PhishMe's CEO Rohyt Belani came out with a great new initiative. They have created a "lite" version of their platform — they call it simplified — and they are giving it away ...

Top White House officials fall for prankster social engineering tricks

Aug 10, 2017 7:25:48 AM By Stu Sjouwerman

A UK-based email prankster used social engineering tactics to fool several top White House officials into responding to his messages, including the Trump administration’s cybersecurity ...

Key Ransomware Money Laundering Operation Taken Down and Owner Arrested in Greece

Aug 8, 2017 1:56:53 PM By Stu Sjouwerman

More than 4 Billion Dollars May Have Been Laundered If you’ve been the victim of a ransomware attack you know cybercrooks almost always demand payment in Bitcoin. Now we know that the US ...

Lessons from Social Engineering Disasters to Improve Security

Aug 8, 2017 12:35:01 PM By Stu Sjouwerman

Michele Fincher from the excellent team at www.social-engineer.com wrote: "In my fantasy life, I’m Ruby Rose from John Wick: Chapter 2, Gina Carano from Haywire, with possibly some ...

CyberheistNews Vol 7 #31 How Not to Fall for Phishing as an IT Pro

Aug 8, 2017 9:43:00 AM By Stu Sjouwerman

This password bombshell will make you scratch your head...

Aug 7, 2017 6:37:07 PM By Stu Sjouwerman

OK, this is a headscratcher. This is why we were surprised. I found it in a Wall Street Journal article today (paywall). Bill Burr, the author of “NIST Special Publication 800-63. ...

Security Awareness Training Blog

View Topics