Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

More Phishing Attacks Going After Financial Data

Kaspersky recently reported that 28.8 percent of phishing attacks in 2014 tried to steal financial data from consumers. The results show how cybercrime has shifted its focus to payment ...
Continue Reading

CyberheistNews Vol 5 #4 Chinese Phish All Identities of NSA, CIA, FBI and more...

Chinese Phish All Identities of NSA, CIA, FBI and more... For a day or so I was puzzled that the Anthem hack trail led to China. This would normally be a Russian operation. Then an ...
Continue Reading

Kaspersky: NSA has pwned all hard drives firmware

Reuters just broke news that's pretty astounding. I\m copying just a few paragraphs and I recommend you read the release yourself.
Continue Reading

Billion Dollar Carbanak Cyberheist

As promised, here is more data about the Carbanak cyberheist in addition to the original post First of all, a map that shows the IP addresses of the institutions that were hit. Kaspersky ...
Continue Reading

More Than 16 Million Devices Are Infected With Mobile Malware

Pierluigi Paganini blogged about a recent study published by Alcatel-Lucent’s Motive Security Labs which reported that 16 million devices worldwide have been infected by mobile malware.
Continue Reading

World's Biggest Cyberheist Cybergang Phished $900 Million Out Of Banks

More than 100 financial institutions in 30 countries have been the victim of a cyberheist that lasted in some cases almost 2 years. This was not a smash-and-grab but a highly ...
Continue Reading

New KnowBe4 Console V4.0 Released

We are excited to announce Version 4.0 of the KnowBe4 console with some exciting new phishing features! Here are the two main highlights and the rest of the list is below. - Random ...
Continue Reading

Anthem Hack Caused By A Phished System Admin?

The foreign hackers who stole up to 80 million records from Anthem social engineered their way into the company's network by obtaining the credentials of five tech workers. Thomas Miller, ...
Continue Reading

Antivirus Products Are Slow at Making Malware Signatures

The traditional malicious software detection approach is far from being sufficient, especially in corporate environments. More and more it's found that antivirus products can take months ...
Continue Reading

Ransomware We Have Not Seen The Worst Yet

The massive success of CryptoLocker starting September 2013 has spawned a number of rapidly growing ransomware families. More recent versions of this malware have learned a number of ...
Continue Reading

Anthem Breach Began with Phishing of Employees

Last updated 2/12/2015 - The foreign hackers who stole up to 80 million records from Anthem social engineered their way into the company's network by obtaining the credentials of five ...
Continue Reading

Hacked Lawyers Office Sends Phishing Attack To Customers

An interesting new wrinkle in phishing attacks is in the wild as we speak. A system administrator reported the following on the spiceworks forum:
Continue Reading

Malware Hijacks Microsoft Outlook And Spreads Banking Trojan

I mentioned a few months ago that I expected something like this, but it has materialized faster than I expected. Trend Micro researchers discovered a new version of the Dyre banking ...
Continue Reading

CyberheistNews Vol 5 #6 Feb 10, 2015 New Ransomware Strain Encrypts Files From RAM / Scam Of The Week

New Ransomware Strain Encrypts Files From RAM / Scam Of The Week Security researchers at venture-backed Invincea have discovered a new Russian ransomware strain they called "Fessleak". It ...
Continue Reading

Spear Phishing Attack Makes $17.2 Million In Three Days

Corporate cybercrime on an international scale has hit one of Omaha’s biggest and oldest companies. CEO Chuck Elsea's email address was spoofed and this cost them millions because their ...
Continue Reading

What KnowBe4 Users Say About The Service

Feb 6, 2015 at 3:40 PM: Cyali said: "I'll be redoing our security policy shortly, as well as spearheading a project to put together a real IT orientation as part of our onboarding process.
Continue Reading

Brand new ransomware strain encrypts files from memory

Security researchers at venture-backed Fairfax, Virginia-based Invincea have discovered a new Russian ransomware strain they called "Fessleak" which delivers its malicious code straight ...
Continue Reading

Slideshow: The Worst Of The Worst Phishing Scams

www.CSOonline.com provides news, analysis and research on a broad range of security and risk management topics. Areas of focus include information security, physical security, business ...
Continue Reading

Data Breach at Health Insurer Anthem 80 million records

Last updated Feb 7, 2015 - Both the Wall Street Journal and cyber security blogger Brian Krebs reported that Anthem Inc., the nation’s second largest health insurer disclosed that hackers ...
Continue Reading

CyberheistNews Vol 5 #5 Scam Of The Week: Child Predator Phishing Email

Scam Of The Week: Child Predator Phishing Email Just when you think phishing criminals cannot sink any further, you get confronted with a "new low". This phishing scam preys a on parent's ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews