Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Cybersecurity Top Risk Consideration In Board Room

Dec 31, 2014 2:23:30 PM By Stu Sjouwerman
The Wall Street Journal polled its readers and asked them to rate the top compliance issues of 2014. The answers were very interesting!
Continue Reading

Schneier: Sony Hackers May Have Had Inside Help

Dec 31, 2014 1:11:22 PM By Stu Sjouwerman
Well-known IT Security guru Bruce Schneier commented on recent discoveries related to the Sony Hack. First of all, an analysis of the timestamps on some of the leaked documents shows that ...
Continue Reading

Defense In Depth: Your Answer To Social Engineering

Dec 31, 2014 1:04:36 PM By Stu Sjouwerman
Organizations defend their networks on each of the six levels in the green graph you see. End-user Internet Security Awareness Training resides in the outer layer: ‘Policies, Procedures, ...
Continue Reading

New ransomware called "extortionware" in 2015? Not so much...

Dec 30, 2014 4:17:00 PM By Stu Sjouwerman
TK Keanini, CTO, Lancope wrote a 2015 Predictions editorial over at SC Magazine. He said he expects more malware like CryptoLocker and CryptoWall over the next 12 months, but also ...
Continue Reading

A new strain of "ransomware" is striking

Dec 30, 2014 3:02:49 PM By Stu Sjouwerman
Mitch Lipka of CBS Moneywatch wrote:
Continue Reading

2015 Crystal Ball / Three Scams To Warn Your Users About

Dec 30, 2014 9:23:00 AM By Stu Sjouwerman
CyberheistNews Vol 4 #51 Dec 30, 2014 2015 Crystal Ball / Three Scams To Warn Your Users About During my 15-year stint as the editor of WServerNews, I always started the year with a ...
Continue Reading

Three Scams To Warn Your Users About

Dec 29, 2014 9:54:00 AM By Stu Sjouwerman
It's the holidays and the bad guys are working overtime. There are three scams you want to warn your users about. Remember the Phil Esterhaus character in Hill Street Blues? To begin ...
Continue Reading

Security Awareness Training in 2015

Dec 25, 2014 10:45:53 AM By Stu Sjouwerman
Lance Spitzner at the SANS Securing The Human program and I have a lot in common; we evangelize effective security awareness training and we both drive a Tesla. In his 22 December 2014 ...
Continue Reading

Cybercrime group steals millions from Russian banks and targets US

Dec 25, 2014 9:26:00 AM By Stu Sjouwerman
This is actually quite interesting, hackers that are successful inside Russia, as normally these guys are shut down by the FSB in a heartbeat. It must be that they are outside of the ...
Continue Reading

Nine Data Breaches That Cost Someone Their Job

Dec 25, 2014 8:44:43 AM By Stu Sjouwerman
Following last year’s big announcement of not just Target’s data breach but executive job loss, CSO lays out 9 data breaches resulting in job loss. They compare Target alongside other ...
Continue Reading

Sony Pictures Cyber Attack TIMELINE

Dec 24, 2014 12:07:39 PM By Stu Sjouwerman
This Sony Pictures Cyber Attack TIMELINE by the www.databreachtoday.com site is quite interesting.
Continue Reading

Announcing InfoSec World 2015

Dec 23, 2014 5:42:00 PM By Stu Sjouwerman
MIS Training Institute (MISTI) and their esteemed Advisory Board are excited to present the InfoSec World 2015 Conference & Expo. KnowBe4's CyberheistNews is a Media Sponsor for the ...
Continue Reading

Phishing Attack on German Steel Factory System Caused Massive Damage

Dec 23, 2014 3:06:00 PM By Stu Sjouwerman
Hackers breached security of a German steel mill's network and caused considerable damage by manipulating the controls of a blast furnace. The attackers gained access to the network ...
Continue Reading

CyberheistNews Vol 4 #49 Dec 23, 2014

Dec 23, 2014 9:18:00 AM By Stu Sjouwerman
Lessons Learned From The Sony Pictures Hack Bruce Schneier reminded me of an old but very relevant concept in IT Security. There are two types of attacks: opportunistic and targeted. And ...
Continue Reading

Scam of The Week: LinkedIn Greeting Cards Carrying Malware

Dec 22, 2014 4:37:00 PM By Stu Sjouwerman
System admins hold the keys to the kingdom. The NSA is actively hunting for system admin credentials. A popular way to get you to click on something that installs zero-day malware on your ...
Continue Reading

Malware Used To Wipe Sony's Drives Was Quick And Dirty

Dec 22, 2014 9:44:20 AM By Stu Sjouwerman
It's still not clear (and it may never be discovered) how the Democratic People's Republic of (North) Korea (DPRK) hackers came in, perhaps they used all available threat vectors since ...
Continue Reading

Staples: 6-Month Malware Breach, 1.16 Million Cards

Dec 20, 2014 11:36:00 AM By Stu Sjouwerman
Office supply chain Staples Inc. today finally acknowledged that a malware intrusion by hackers this year at some of its stores resulted in a credit card breach. The company now says some ...
Continue Reading

Lessons Learned From The Sony Pictures Hack

Dec 20, 2014 10:37:00 AM By Stu Sjouwerman
Bruce Schneier reminded me of an old but very relevant concept in IT Security. There are two types of attacks: opportunistic and targeted. And then you can characterize attackers on two ...
Continue Reading

Malicious links: Spammers change malware delivery tactics

Dec 18, 2014 5:58:56 PM By Stu Sjouwerman
Symantec just put this out and I thought you might be interested. They are seeing a lot of hackers using Upatre and Ponik malware over the last couple of months, delivered by spam email ...
Continue Reading

I simply could not resist this vanity plate

Dec 18, 2014 5:34:05 PM By Stu Sjouwerman
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews