Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

LockBit Ransomware Group Steps Up Their Game with Triple Extortion as the Next Evolution

Aug 31, 2022 9:30:12 AM By Stu Sjouwerman
After suffering a taste of their own medicine as part of a response effort from victim organization Entrust, LockBit appears to have bounced back even stronger than before.
Continue Reading

Lost in Translation? New Cryptomining Malware Attacks Based in Turkey Cause Suspicion

Aug 31, 2022 9:30:07 AM By Stu Sjouwerman
Researchers at Check Point warn that attackers based in Turkey are distributing cryptomining malware via free software distribution websites, including Softpedia and uptodown. The ...
Continue Reading

[KREBS ON SECURITY] How 1-Time Passcodes Became a Corporate Liability

Aug 30, 2022 11:45:43 AM By Stu Sjouwerman
[The following article is at it appears at Krebs on Security here.] Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes ...
Continue Reading

The Extent of Social Engineering

Aug 30, 2022 10:25:14 AM By Stu Sjouwerman
Researchers at NordVPN have published the results of a survey that found that 84% of Americans have experienced some form of social engineering, although only 54% have heard of the term ...
Continue Reading

CyberheistNews Vol 12 #35 [Heads Up] Check This Highly Sophisticated LinkedIn Job Offer Scam

Aug 30, 2022 9:18:32 AM By Stu Sjouwerman
Continue Reading

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Aug 29, 2022 9:54:50 AM By Stu Sjouwerman
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Continue Reading

Researchers warn of darkverse emerging from the metaverse

Aug 26, 2022 8:03:03 AM By Stu Sjouwerman
ARN just reported: "The metaverse is seen by many companies as a great business opportunity and for new ways of working. Security provider Trend Micro, however, warns in a ...
Continue Reading

State-Based Cyberattacks to be Excluded from Lloyd’s of London Cyber Insurance Policies

Aug 25, 2022 9:14:31 AM By Stu Sjouwerman
As cyber insurers evolve their understanding of the cyber attack landscape, who’s responsible, and what’s at stake, a logical next step is taken by Lloyd’s to better isolate what is ...
Continue Reading

The Crypto Collapse Will Only Add Fuel to the Cyberattack Fire

Aug 25, 2022 9:14:22 AM By Stu Sjouwerman
Despite the crypto market’s loss of over $1 trillion in value since the beginning of the year, the value of the digital currency isn’t what makes it a popular choice for cybercriminals.
Continue Reading

BlackByte Ransomware Gang Comes Back to Life with a New Extortion Strategy

Aug 25, 2022 9:14:14 AM By Stu Sjouwerman
First debuted in July 2021, this ransomware gang that engages in their own attacks and offers a RWaaS model, has come back into the limelight offering victims several extortion payment ...
Continue Reading

Phishing Remains the Initial Infection Vector in 78% of Attacks Against OT-Heavy Industries

Aug 25, 2022 9:14:05 AM By Stu Sjouwerman
Companies heavily reliant on operational technology (OT) to function are just as much a target as businesses relying in traditional IT and are facing some of the same challenges to stop ...
Continue Reading

Report: Deepfakes Used in Scams

Aug 25, 2022 9:13:56 AM By Stu Sjouwerman
Scammers created a deepfake video of Patrick Hillmann, Chief Communications Officer at cryptocurrency exchange Binance, in order to scam people. Hillmann explained in a blog post that he ...
Continue Reading

[HEADS UP] Highly Sophisticated Job Offer Scam

Aug 25, 2022 8:55:44 AM By Stu Sjouwerman
If you've been approached by recruiters on LinkedIn for a potential job opportunity, you may want to pay attention to this recent scam.
Continue Reading

Dueling Clauses, or, not all Fraud is the Same

Aug 24, 2022 10:47:04 AM By Stu Sjouwerman
There are, famously, three things you can do with risk: accept it, mitigate it, or transfer it. And you transfer risk by buying insurance against it.
Continue Reading

[BUDGET AMMO] Companies Are Ditching Cybersecurity Insurance as Premiums Rise, Coverage Shrinks

Aug 24, 2022 8:45:22 AM By Stu Sjouwerman
As the CEO of a public InfoSec company I have a variety of news sources. One of these is called '"The Information" which covers in-depth tech stories usually earlier than anywhere else.  ...
Continue Reading

Teach Two Things to Decrease Phishing Attack Success

Aug 24, 2022 8:25:03 AM By Roger Grimes
We know everyone is busy. Everyone already has too much on their plate and is trying to learn as much as they can every day.
Continue Reading

Vishing is a Rising Threat to the Enterprise

Aug 23, 2022 10:05:48 AM By Stu Sjouwerman
Most of us are all too familiar with vishing, the scam voice calls that offer to erase your credit card debt, to extend your automobile warranty, to get you to donate to that worthy cause ...
Continue Reading

CyberheistNews Vol 12 #34 [Eye Opener] The Cisco Hack Was Caused by Initial Access Broker Phishing

Aug 23, 2022 9:30:00 AM By Stu Sjouwerman
Continue Reading

On this Carousell Ride, the Crooks Take the Brass Ring.

Aug 22, 2022 9:14:37 AM By Stu Sjouwerman
In a variation on a recently seen theme in which scammers pose as buyers on e-commerce platforms, victims in Singapore are being taken in by people offering to buy goods from them.
Continue Reading

[FREE RESOURCE KIT] Cybersecurity Awareness Month 2022 Now Available

Aug 22, 2022 7:30:00 AM By Stu Sjouwerman
Cybersecurity Awareness Month is right around the corner, and we’ve got you covered! Your complimentary resource kit for 2022 is now available.
Continue Reading
Subscribe

Search Our Blog


Cybersecurity Awareness Month 2022 Free Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews