[ALERT] New Fileless, Code-injecting Ransomware Bypasses Antivirus

Jun 18, 2017 11:59:32 AM By Stu Sjouwerman

Security researchers have discovered a new fileless ransomware in the wild, which injects malicious code into a legitimate system process (svchost.exe) on a targeted system and then ...

See Me On Video At The NYSE Cyber Investing Summit Pitching KnowBe4

Jun 18, 2017 9:52:46 AM By Stu Sjouwerman

The CyberWire wrote: Pitches: "Innovation from Young Companies The Pitch Panel was the Cyber Investing Summit's fast round of innovation pitches, moderated by Allegis's Bob Ackerman and ...

FIN10: Anatomy of a Ransomware Phishing Extortion Operation

Jun 17, 2017 2:39:47 PM By Stu Sjouwerman

Cyber security firm FireEye reported that that a number of Canadian mines and casinos were hacked by a group named FIN10 – FireEye labels FIN10 to be “one of the most disruptive threat ...

CIA Director Brennan: "Russia's Cyber Capability Increasingly Sophisticated And Not Bound By Law"

Jun 17, 2017 10:37:52 AM By Stu Sjouwerman

I was at the Gartner Security & Risk Management Summit at National Harbor, in DC this week. One of the keynotes was by CIA Director George Brennan, who was sworn in as director of the ...

Did WannaCry Ransomware Escape North Korean Containment?

Jun 17, 2017 9:00:08 AM By Stu Sjouwerman

Mike Mimoso at Kaspersky's Threatpost blog raised the theory that the ransomware wasn’t contained properly and spread before it was meant to be unleashed. Malware expert Jake Williams, ...

Southern Oregon University Lost $1.9 Million Due To CEO Fraud

Jun 15, 2017 11:32:31 AM By Stu Sjouwerman

Mail Tribune reported that Southern Oregon University is just the latest victim of CEO fraud (which the FBI calls Business Email Compromise or BEC) after hackers tricked university ...

ICO less likely to issue fines for data breaches if they show staff training

Jun 14, 2017 11:46:57 AM By Stu Sjouwerman

The UK's Information Commissioner's Office has said that in the event of a data breach it would be less likely to issue a monetary penalty to charities which had taken “reasonable steps” ...

CyberheistNews Vol 7 #24

Jun 12, 2017 9:42:13 AM By Stu Sjouwerman

This Ransomware Targets HR Departments With Fake Job Applications

Jun 10, 2017 2:51:40 PM By Stu Sjouwerman

I missed this one a few months ago, but it's a great example how focused the bad guys are getting with their attacks, and you need to watch out for this social engineering attack vector ...

Windows 10 Stops Ransomware Cold... Or Does It?

Jun 10, 2017 10:54:47 AM By Stu Sjouwerman

OK, finally there is some good news in the fight against ransomware!

New PowerPoint Social Engineering Attack Installs Malware Without Requiring Macros

Jun 9, 2017 6:38:08 AM By Stu Sjouwerman

Researchers at Security firm SentinelOne reported that a group of hackers is using malicious PowerPoint files to distribute 'Zusy,' a banking Trojan, also known as 'Tinba' (Tiny Banker). ...

Federal Contractor? Insider Threat Training Deadline June 1- Don't Lose Your Clearance

Jun 7, 2017 4:38:21 PM By Stu Sjouwerman

Insider Threat Training Requirement for US Gov't Contractors (Deadline May 31, 2017) SANS just alerted US federal contractors that wish to maintain their clearances must have completed an ...

ITIC / CyberheistNews Top 10 IT Security Recommendations May 2017

Jun 7, 2017 11:06:37 AM By Stu Sjouwerman

By Laura DiDio There is no such thing as a 100% fully secure environment. And there never will be. Security is not static; it is an ongoing work in progress. Organizations must be ...

Netflix, ABC Hacker Promises More Phishing: "Hollywood Is Under Attack"

Jun 7, 2017 7:29:36 AM By Stu Sjouwerman

The Hollywood Reporter (THR) talked directly to TheDarkOverlord hacking collective that claims to have studio films. They said: "We're in the business of earning vast amounts of internet ...

Top Secret NSA Doc Shows Russians Spear-Phishing Election Officials

Jun 6, 2017 8:00:18 AM By Stu Sjouwerman

The Intercept reported that the GRU (Russian Military Intelligence, the FSB's counterpart) executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing ...

CyberheistNews Vol 7 #23

Jun 5, 2017 9:55:13 AM By Stu Sjouwerman

Have We Reached "Peak Ransomware"?

Jun 3, 2017 11:34:36 AM By Stu Sjouwerman

There was an article with the title: "Don’t panic: We’ve reached ‘peak ransomware’" in a publication called The Memo. They decided to ask an expert: Rik Ferguson, VP of security research ...

Scam Of The Week: DMV Warns Drivers About Traffic Ticket Phishing

Jun 3, 2017 9:24:31 AM By Stu Sjouwerman

Online reporter Doug Olenick at SC Media was the first to point to a press release from the NY State Department of Motor Vehicles warning about a phishing scam where New York drivers are ...

Did you know how the word Phishing came to be?

Jun 2, 2017 2:50:15 PM By Stu Sjouwerman

I found this at ComputerWorld: "The word phishing was coined around 1996 by hackers stealing America Online accounts and passwords. By analogy with the sport of angling, these Internet ...

Powerful New KnowBe4 Feature: Training Notifications Are Here!

Jun 2, 2017 1:00:01 PM By Stu Sjouwerman

We have a powerful new feature that you can use now. Here is the data about the training notifications and how they work. This feature is for all subscription levels that have training, ...

Security Awareness Training Blog

View Topics