Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

LockBit Ransomware Group Steps Up Their Game with Triple Extortion as the Next Evolution

After suffering a taste of their own medicine as part of a response effort from victim organization Entrust, LockBit appears to have bounced back even stronger than before.
Continue Reading

Lost in Translation? New Cryptomining Malware Attacks Based in Turkey Cause Suspicion

Researchers at Check Point warn that attackers based in Turkey are distributing cryptomining malware via free software distribution websites, including Softpedia and uptodown. The ...
Continue Reading

[KREBS ON SECURITY] How 1-Time Passcodes Became a Corporate Liability

[The following article is at it appears at Krebs on Security here.] Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes ...
Continue Reading

The Extent of Social Engineering

Researchers at NordVPN have published the results of a survey that found that 84% of Americans have experienced some form of social engineering, although only 54% have heard of the term ...
Continue Reading

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Continue Reading

Researchers warn of darkverse emerging from the metaverse

ARN just reported: "The metaverse is seen by many companies as a great business opportunity and for new ways of working. Security provider Trend Micro, however, warns in a ...
Continue Reading

State-Based Cyberattacks to be Excluded from Lloyd’s of London Cyber Insurance Policies

As cyber insurers evolve their understanding of the cyber attack landscape, who’s responsible, and what’s at stake, a logical next step is taken by Lloyd’s to better isolate what is ...
Continue Reading

The Crypto Collapse Will Only Add Fuel to the Cyberattack Fire

Despite the crypto market’s loss of over $1 trillion in value since the beginning of the year, the value of the digital currency isn’t what makes it a popular choice for cybercriminals.
Continue Reading

BlackByte Ransomware Gang Comes Back to Life with a New Extortion Strategy

First debuted in July 2021, this ransomware gang that engages in their own attacks and offers a RWaaS model, has come back into the limelight offering victims several extortion payment ...
Continue Reading

Phishing Remains the Initial Infection Vector in 78% of Attacks Against OT-Heavy Industries

Companies heavily reliant on operational technology (OT) to function are just as much a target as businesses relying in traditional IT and are facing some of the same challenges to stop ...
Continue Reading

Report: Deepfakes Used in Scams

Scammers created a deepfake video of Patrick Hillmann, Chief Communications Officer at cryptocurrency exchange Binance, in order to scam people. Hillmann explained in a blog post that he ...
Continue Reading

[HEADS UP] Highly Sophisticated Job Offer Scam

If you've been approached by recruiters on LinkedIn for a potential job opportunity, you may want to pay attention to this recent scam.
Continue Reading

Dueling Clauses, or, not all Fraud is the Same

There are, famously, three things you can do with risk: accept it, mitigate it, or transfer it. And you transfer risk by buying insurance against it.
Continue Reading

[BUDGET AMMO] Companies Are Ditching Cybersecurity Insurance as Premiums Rise, Coverage Shrinks

As the CEO of a public InfoSec company I have a variety of news sources. One of these is called '"The Information" which covers in-depth tech stories usually earlier than anywhere else.  ...
Continue Reading

Teach Two Things to Decrease Phishing Attack Success

We know everyone is busy. Everyone already has too much on their plate and is trying to learn as much as they can every day.
Continue Reading

Vishing is a Rising Threat to the Enterprise

Most of us are all too familiar with vishing, the scam voice calls that offer to erase your credit card debt, to extend your automobile warranty, to get you to donate to that worthy cause ...
Continue Reading

On this Carousell Ride, the Crooks Take the Brass Ring.

In a variation on a recently seen theme in which scammers pose as buyers on e-commerce platforms, victims in Singapore are being taken in by people offering to buy goods from them.
Continue Reading

[FREE RESOURCE KIT] Cybersecurity Awareness Month 2022 Now Available

Cybersecurity Awareness Month is right around the corner, and we’ve got you covered! Your complimentary resource kit for 2022 is now available.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews