Researchers Warn of EtterSilent Facilitating Risky Malware Delivery

Apr 29, 2021 10:25:23 AM By Stu Sjouwerman

Cybercriminals are using a new malicious document builder dubbed “EtterSilent,” according to researchers at Intel 471. The builder is used to craft Microsoft Office documents with macros ...

Lazarus Group Uses New Technique to Avoid Detection

Apr 29, 2021 10:25:03 AM By Stu Sjouwerman

North Korea’s Lazarus group is using an interesting method to evade security measures, according to researchers at Malwarebytes. The threat actor is sending phishing emails with malicious ...

Evil Corp Tries to Work Around U.S. Treasury Sanctions Using Hades Ransomware

Apr 29, 2021 10:24:44 AM By Stu Sjouwerman

The cybercriminal group linked to over $100 Million in financial damages has pivoted their execution strategy to bypass sanctions that prevent U.S. companies from paying them ransom.

New Ransomware Task Force Shares Actions To Disrupt Ransomware Cyber Crime

Apr 29, 2021 10:09:32 AM By Stu Sjouwerman

The Ransomware Task Force, a public-party coalition of more than 50 experts, has shared a framework of actions to disrupt the ransomware business model.

Phishing Campaign Abuses Contact Forms

Apr 29, 2021 10:00:00 AM By Stu Sjouwerman

Attackers are abusing websites’ contact forms to send malicious emails to the websites’ owners, according to researchers at Microsoft. The emails contain bogus copyright claims with a ...

Mobile is a Problem: 97% of Organizations Experienced Mobile Attacks in 2020

Apr 29, 2021 8:41:17 AM By Stu Sjouwerman

Everything from applications, social apps, OS vulnerabilities and even mobile device management acted as initial attack vectors troubling nearly every single organization globally.

Cybercriminals Use Job-Specific Social Media Platforms to Target UK Citizens With Fake Accounts

Apr 29, 2021 4:55:00 AM By Stu Sjouwerman

At least 10,000 UK citizens have been targeted by nation-state actors via fake LinkedIn accounts over the past five years, the BBC reports. Ken McCallum, Director-General of MI5, said ...

Phishing Tactics Help Legitimate Pension Fund to Secure Meetings with Prospective Customers

Apr 28, 2021 8:57:07 AM By Stu Sjouwerman

Security researchers uncover a marketing campaign that takes a page from the cybercriminal phishing handbook to “trick” pensioners to have an introductory call with their fund expert.

The Darkside Ransomware Group Is the Dangerous Poster Child for Today’s Ransomware-as-a-Service

Apr 28, 2021 8:56:59 AM By Stu Sjouwerman

Looking beyond the “older” RaaS threat groups like Ryuk, DoppelPaymer, and Revil, today’s modern ransomware-as-a-service operator is far more business-like and specific in execution.

A Legitimate Charity Prompts Scam Imitators

Apr 28, 2021 8:00:00 AM By Stu Sjouwerman

Scammers are impersonating philanthropist Mackenzie Scott, the billionaire ex-wife of Jeff Bezos, the New York Times reports. Scott prefers to give money directly and contacts charities ...

FBI Obtains Authorization to Access US Servers to Remove Webshells Due to Exchange Vulnerability

Apr 27, 2021 1:45:00 PM By Stu Sjouwerman

Your server could have been compromised and the FBI was trying to mitigate the issue without you even knowing it yet.

Forrester TEI Study Shows KnowBe4 Can Deliver a Customer ROI of 276% with a Less Than 3-Month Payback

Apr 27, 2021 11:00:00 AM By Stu Sjouwerman

KnowBe4 commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study, examining the potential Return on Investment (ROI) enterprises might realize by implementing the ...

CyberheistNews Vol 11 #16 [Heads Up] COVID-Related Phishing Attacks Return to Mid-Pandemic Heights

Apr 27, 2021 10:25:51 AM By Stu Sjouwerman

Eavesdrop on the Back-and-Forth of Negotiating with a Criminal Ransomware Organization

Apr 27, 2021 10:00:58 AM By Stu Sjouwerman

Details around the recent successful ransomware attack on fashion retailer FatFace provide some insight into what you should expect when you become a victim.

Currently Popular Social Engineering Tactics

Apr 27, 2021 10:00:27 AM By Stu Sjouwerman

Criminals are exploiting new technology to launch updated versions of old attacks, according to Derek Slater at CSO. George Gerchow, CSO at Sumo Logic, told Slater that threat actors are ...

COVID-Related Phishing Attacks Return to Mid-Pandemic Heights

Apr 27, 2021 10:00:00 AM By Stu Sjouwerman

New data from Palo Alto Network’s Unit42 provides a wealth of insight into specifically how cybercriminals have leveraged COVID-related theming to ensure a successful phishing attack.

CyberheistNews Vol 11 #15 [HEADS UP] Recent Phishing Attacks Using PDF Files Have Skyrocketed More Than 1,000%

Apr 13, 2021 9:33:04 AM By Stu Sjouwerman

[INFOGRAPHIC] Q1 2021 Report Shows Users are More Savvy to COVID-19 Phishing Scams

Apr 13, 2021 9:30:36 AM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...

[New Benchmarking Feature] Compare Your Organization’s Security Awareness Proficiency with Other Companies in Your Industry

Apr 13, 2021 8:37:33 AM By Stu Sjouwerman

We are excited to announce that the KnowBe4 Industry Benchmarking feature has been expanded to now include industry benchmark comparison data for Security Awareness Proficiency Assessment ...

2021 Phishing Trends Face Alarming Predictions and Will Likely Include Automated Attacks

Apr 13, 2021 8:24:29 AM By Stu Sjouwerman

Researchers at INKY warn that targeted phishing attacks will continue throughout 2021, as some employees return to the office and others continue working from home. They predict that ...

Security Awareness Training Blog

View Topics

Researchers Warn of EtterSilent Facilitating Risky Malware Delivery

Lazarus Group Uses New Technique to Avoid Detection

Evil Corp Tries to Work Around U.S. Treasury Sanctions Using Hades Ransomware

New Ransomware Task Force Shares Actions To Disrupt Ransomware Cyber Crime

Phishing Campaign Abuses Contact Forms

Mobile is a Problem: 97% of Organizations Experienced Mobile Attacks in 2020

Cybercriminals Use Job-Specific Social Media Platforms to Target UK Citizens With Fake Accounts

Phishing Tactics Help Legitimate Pension Fund to Secure Meetings with Prospective Customers

The Darkside Ransomware Group Is the Dangerous Poster Child for Today’s Ransomware-as-a-Service

A Legitimate Charity Prompts Scam Imitators

FBI Obtains Authorization to Access US Servers to Remove Webshells Due to Exchange Vulnerability

Forrester TEI Study Shows KnowBe4 Can Deliver a Customer ROI of 276% with a Less Than 3-Month Payback

CyberheistNews Vol 11 #16 [Heads Up] COVID-Related Phishing Attacks Return to Mid-Pandemic Heights

Eavesdrop on the Back-and-Forth of Negotiating with a Criminal Ransomware Organization

Currently Popular Social Engineering Tactics

COVID-Related Phishing Attacks Return to Mid-Pandemic Heights

CyberheistNews Vol 11 #15 [HEADS UP] Recent Phishing Attacks Using PDF Files Have Skyrocketed More Than 1,000%

[INFOGRAPHIC] Q1 2021 Report Shows Users are More Savvy to COVID-19 Phishing Scams

[New Benchmarking Feature] Compare Your Organization’s Security Awareness Proficiency with Other Companies in Your Industry

2021 Phishing Trends Face Alarming Predictions and Will Likely Include Automated Attacks

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search