New Defray Ransomware Demands $5,000 In Customized Spear Phishing Attacks

Aug 26, 2017 10:42:45 AM By Stu Sjouwerman

This newly discovered ransomware strain is targeting healthcare, education, manufacturing and tech sectors in the US and UK, using customized spear phishing emails. Defray is demanding a ...

The RopeMaker Exploit Can CHANGE An Already Delivered Email

Aug 25, 2017 5:55:44 PM By Stu Sjouwerman

Our friends at Mimecast are warning against something scary! This is a sobering example of why scanners and filters will always be behind in the security arms race... They wrote: "Most ...

Health Care Systems Remain Targets of Ransomware And Phishing Attacks in 2017

Aug 25, 2017 4:41:25 PM By Stu Sjouwerman

Health care networks and providers are squarely in the cross hairs of ransomware cyber criminals and if the current rate of attacks continue it will likely exceed last years' events ...

Microsoft Wakes Up To The Fact That Cyber Security Risk Is A Business Risk [VIDEO]

Aug 24, 2017 4:57:31 PM By Stu Sjouwerman

The 800-pound Redmond Gorilla asks: "Should your security focus be on systems or people?" They wrote: "In the latest Modern Workplace episode, “Cyber Intelligence—The Human Element,” we ...

Enigma Hacked Before ICO Date -- CEO Had Not Changed A Compromised Password

Aug 23, 2017 1:32:16 PM By Stu Sjouwerman

Wherever there’s a lot of money to be made cyber thieves are not far behind. Think sharks surrounding a bait ball. Enigma is a financial data marketplace founded by a team from MIT which ...

Inside The New York Hospital That Was Down For 6 Weeks Due To Ransomware

Aug 22, 2017 10:00:00 AM By Stu Sjouwerman

If you ever needed ammo to convince budget holders that you need more IT security resources, this is the link to send them. It is a great discussion-starter how an attack like this would ...

CyberheistNews Vol 7 #33 New Study: Phishing Is Still the Top Threat Faced by Organizations

Aug 22, 2017 9:43:21 AM By Stu Sjouwerman

[On-Demand Webinar] How To Phish Like the Bad Guys

Aug 21, 2017 2:35:29 PM By Stu Sjouwerman

Despite all the spectacular news stories about advanced persistent threats and targeted hacks from nation-states, the most common security challenge facing enterprises today continues to ...

SyncCrypt Uses Graphic File to Cloak Ransomware in ZIP Phishing Payload

Aug 21, 2017 1:22:54 PM By Stu Sjouwerman

Emisoft Security researcher xXToffeeXx discovered another new phishing threat adept at bypassing Antivirus using a variation of the game played by PowerPoint PPSX attachment phishing ...

Criminals Use Social Engineering To Make Victims Install Malicious Chrome Extensions

Aug 21, 2017 7:30:08 AM By Stu Sjouwerman

The attackers did reconnaissance on their targets, using social networks which people inside the organization were involved in making financial transactions. These victims were then ...

Here Is A Cool And Useful INFOGRAPHIC About Social Engineering

Aug 20, 2017 11:33:56 AM By Stu Sjouwerman

Kevin Mitnick, KnowBe4's Chief Hacking Officer retweeted a link to well-executed infographic about Social Engineering, and here it is, courtesy of the team at Smartfile.com

New Study: Phishing Is Still The Top Threat Faced By Organizations

Aug 20, 2017 10:05:19 AM By Stu Sjouwerman

The new 2017 SANS Threat Landscape survey from the well-known research and education specialist finds that security professionals rate phishing at 72 percent, spyware at 50 percent, ...

Ukrainian Coder May Be First Potential Witness of DNC Phishing Attack

Aug 17, 2017 4:53:23 PM By Stu Sjouwerman

A lengthy and fascinating article in the New York Times by Andrew E. Kramer and Andrew Higgens on August 16, 2017 reported that a Ukranian coder known to his friends on the “dark web” as ...

Large Insurance Company Settles for $5.5 Million over "Failed To Patch" Data Breach

Aug 16, 2017 10:06:24 AM By Stu Sjouwerman

A large insurance company (Nationwide) agreed to pay a total of $5.5 Million to settle charges brought by 32 states resulting from the loss of critical consumer information attributable ...

This Is A First: Spear Phishing Attack Uses Compromised PowerPoint Slide Deck

Aug 15, 2017 9:36:32 AM By Stu Sjouwerman

Bad guys are exploiting the CVE-2017-0199 vulnerability to bypass endpoint security software and deliver the Remcos remote access Trojan via Microsoft PowerPoint decks. This particular ...

Survey of 2600 IT Pros: "Password Procedures Still Are A Cyber Security Fail"

Aug 15, 2017 8:30:00 AM By Stu Sjouwerman

After the NIST passwords bombshell, we surveyed 2,600 IT professionals to find out how they were managing passwords. The answers show that IT Pros are generally receptive to the proposed ...

The Cyber Security Of Our Electricity Grid

Aug 14, 2017 6:12:46 PM By Stu Sjouwerman

Guest Blogger Craig Reeds commented on the safety of our Electricity Grid. "Over the last couple of years, there has been a lot of discussion about the security of the electric grid. We ...

CyberheistNews Vol 7 #32 [ALERT] A Big Locky Ransomware Phishing Attack Infects With the New Diablo6 Strain

Aug 14, 2017 9:36:05 AM By Stu Sjouwerman

OK, Who -Is- This Stu Guy Anyway? [VIDEO]

Aug 13, 2017 11:03:41 AM By Stu Sjouwerman

I had a freelance video PR crew follow me one day at Black Hat, and here are two short clips that will give you an idea of who the heck I am.

APT28 Uses Spear Phishing and NSA EternalBlue Exploit To Attack Hotel Wi-Fi

Aug 13, 2017 10:28:43 AM By Stu Sjouwerman

Russian APT28 (aka the Fancy Bear hacking group) is harnessing EternalBlue; NSA's Windows SMB exploit which made the WannaCry ransomware and Petya so effective — and are using it to ...

Security Awareness Training Blog

View Topics