Nigerian Phishers Have Gone to School and Gotten Their CEO Fraud Diploma

Aug 29, 2017 5:45:48 PM By Stu Sjouwerman

The FBI calls CEO Fraud "Business Email Compromise" (BEC) and it has become a highly lucrative threat vector for attackers. According to IC3, the FBI's Internet Crime Complaint Center, ...

[ALERT] The IRS Issued An Urgent Warning Against An IRS / FBI-Themed Ransomware Phishing Attack

Aug 29, 2017 7:01:20 AM By Stu Sjouwerman

WASHINGTON, August 28, 2017 — The Internal Revenue Service warned people to avoid a new phishing scheme that impersonates the IRS and the FBI as part of a ransomware scam to take computer ...

CyberheistNews Vol 7 #34

Aug 28, 2017 9:20:29 AM By Stu Sjouwerman

Scam Of The Week: Hurricane Harvey Charity Fraud

Aug 27, 2017 12:43:13 PM By Stu Sjouwerman

Hurricane Harvey hit hard and especially Houston, TX got badly flooded. The death toll is rising and you can also count on low-life cyber-scum exploiting this disaster.

New Defray Ransomware Demands $5,000 In Customized Spear Phishing Attacks

Aug 26, 2017 10:42:45 AM By Stu Sjouwerman

This newly discovered ransomware strain is targeting healthcare, education, manufacturing and tech sectors in the US and UK, using customized spear phishing emails. Defray is demanding a ...

The RopeMaker Exploit Can CHANGE An Already Delivered Email

Aug 25, 2017 5:55:44 PM By Stu Sjouwerman

Our friends at Mimecast are warning against something scary! This is a sobering example of why scanners and filters will always be behind in the security arms race... They wrote: "Most ...

Health Care Systems Remain Targets of Ransomware And Phishing Attacks in 2017

Aug 25, 2017 4:41:25 PM By Stu Sjouwerman

Health care networks and providers are squarely in the cross hairs of ransomware cyber criminals and if the current rate of attacks continue it will likely exceed last years' events ...

Microsoft Wakes Up To The Fact That Cyber Security Risk Is A Business Risk [VIDEO]

Aug 24, 2017 4:57:31 PM By Stu Sjouwerman

The 800-pound Redmond Gorilla asks: "Should your security focus be on systems or people?" They wrote: "In the latest Modern Workplace episode, “Cyber Intelligence—The Human Element,” we ...

Enigma Hacked Before ICO Date -- CEO Had Not Changed A Compromised Password

Aug 23, 2017 1:32:16 PM By Stu Sjouwerman

Wherever there’s a lot of money to be made cyber thieves are not far behind. Think sharks surrounding a bait ball. Enigma is a financial data marketplace founded by a team from MIT which ...

Inside The New York Hospital That Was Down For 6 Weeks Due To Ransomware

Aug 22, 2017 10:00:00 AM By Stu Sjouwerman

If you ever needed ammo to convince budget holders that you need more IT security resources, this is the link to send them. It is a great discussion-starter how an attack like this would ...

CyberheistNews Vol 7 #33 New Study: Phishing Is Still the Top Threat Faced by Organizations

Aug 22, 2017 9:43:21 AM By Stu Sjouwerman

[On-Demand Webinar] How To Phish Like the Bad Guys

Aug 21, 2017 2:35:29 PM By Stu Sjouwerman

Despite all the spectacular news stories about advanced persistent threats and targeted hacks from nation-states, the most common security challenge facing enterprises today continues to ...

SyncCrypt Uses Graphic File to Cloak Ransomware in ZIP Phishing Payload

Aug 21, 2017 1:22:54 PM By Stu Sjouwerman

Emisoft Security researcher xXToffeeXx discovered another new phishing threat adept at bypassing Antivirus using a variation of the game played by PowerPoint PPSX attachment phishing ...

Criminals Use Social Engineering To Make Victims Install Malicious Chrome Extensions

Aug 21, 2017 7:30:08 AM By Stu Sjouwerman

The attackers did reconnaissance on their targets, using social networks which people inside the organization were involved in making financial transactions. These victims were then ...

Here Is A Cool And Useful INFOGRAPHIC About Social Engineering

Aug 20, 2017 11:33:56 AM By Stu Sjouwerman

Kevin Mitnick, KnowBe4's Chief Hacking Officer retweeted a link to well-executed infographic about Social Engineering, and here it is, courtesy of the team at Smartfile.com

New Study: Phishing Is Still The Top Threat Faced By Organizations

Aug 20, 2017 10:05:19 AM By Stu Sjouwerman

The new 2017 SANS Threat Landscape survey from the well-known research and education specialist finds that security professionals rate phishing at 72 percent, spyware at 50 percent, ...

Ukrainian Coder May Be First Potential Witness of DNC Phishing Attack

Aug 17, 2017 4:53:23 PM By Stu Sjouwerman

A lengthy and fascinating article in the New York Times by Andrew E. Kramer and Andrew Higgens on August 16, 2017 reported that a Ukranian coder known to his friends on the “dark web” as ...

Large Insurance Company Settles for $5.5 Million over "Failed To Patch" Data Breach

Aug 16, 2017 10:06:24 AM By Stu Sjouwerman

A large insurance company (Nationwide) agreed to pay a total of $5.5 Million to settle charges brought by 32 states resulting from the loss of critical consumer information attributable ...

This Is A First: Spear Phishing Attack Uses Compromised PowerPoint Slide Deck

Aug 15, 2017 9:36:32 AM By Stu Sjouwerman

Bad guys are exploiting the CVE-2017-0199 vulnerability to bypass endpoint security software and deliver the Remcos remote access Trojan via Microsoft PowerPoint decks. This particular ...

Survey of 2600 IT Pros: "Password Procedures Still Are A Cyber Security Fail"

Aug 15, 2017 8:30:00 AM By Stu Sjouwerman

After the NIST passwords bombshell, we surveyed 2,600 IT professionals to find out how they were managing passwords. The answers show that IT Pros are generally receptive to the proposed ...

Security Awareness Training Blog

View Topics