Security Teams Spend 71 Hours Responding to Every One Hour in a Cyber Attack

Feb 12, 2024 10:31:53 AM By Stu Sjouwerman

New data sheds light on what kinds of cyber attacks are targeting your cybersecurity team, what it’s costing them, why it’s taking so much time to fix, and where you should focus ...

Americans Lose a Record $10 Billion to Fraud in 2023; Mostly Due To Investment Scams

Feb 12, 2024 10:31:50 AM By Stu Sjouwerman

The US Federal Trade Commission (FTC) has disclosed that people in the United States lost a record $10 billion to fraud in 2023, a 14% increase from 2022. Nearly half of the losses were ...

Browser-Based Phishing Attacks Increase 198%, With Evasive Attacks Increasing 206%

Feb 9, 2024 12:03:26 PM By Stu Sjouwerman

A new report shows massive increases in browser attacks in the second half of 2023, with over 31,000 threats specifically designed to bypass security solution detection.

Calculating Materiality for SEC Rule 1.05

Feb 9, 2024 12:03:21 PM By Roger Grimes

The U.S. Securities and Exchange Commission (SEC), through a new requirement of Item 1.05 of the 8-K, requires that all regulated companies report significant cybersecurity breaches ...

Cybersecurity Resiliency and Your Board of Directors

Feb 8, 2024 2:41:03 PM By Roger Grimes

Growing cybersecurity threats, especially ransomware attacks, and the Securities and Exchange Commission’s (SEC) recent rules have made having a cybersecurity-aware Board of Directors ...

Watch Out For Valentine’s Day Romance Scams

Feb 8, 2024 2:40:58 PM By Stu Sjouwerman

Users should be wary of online romance scams ahead of Valentine’s Day, according to Imogen Byers at ESET. While in the past these scams could often be thwarted by using reverse image ...

Unprecedented Rise of Malvertising as a Precursor to Ransomware

Feb 8, 2024 8:00:00 AM By Stu Sjouwerman

Cybercriminals increasingly used malvertising to gain initial access to victims’ networks in 2023, according to Malwarebytes’s latest State of Malware report.

81% of Organizations Cite Phishing as the Top Security Risk

Feb 8, 2024 8:00:00 AM By Stu Sjouwerman

Organizations are finally dialing in on where they need to focus their cybersecurity strategies, starting with phishing. But the top four cited security risks all have one element in ...

Chinese Hackers Spy on Dutch Ministry of Defense: A Story of Alarming Cyber Espionage

Feb 7, 2024 8:00:00 AM By Stu Sjouwerman

In a revelation that adds yet another chapter to the ongoing saga of international cybersecurity threats, the Dutch Ministry of Defense recently shed light on a significant security ...

[On-Demand Webinar] How to Fight Long-Game Social Engineering Attacks

Feb 7, 2024 8:00:00 AM By Stu Sjouwerman

Sophisticated cybercriminals are playing the long game. Unlike the typical hit-and-run cyber attacks, they build trust before laying their traps. They create a story so believable and ...

Synthetic Data: The New Frontier in Cyber Extortion

Feb 6, 2024 1:38:57 PM By Martin Kraemer

Organizations are increasingly facing cyber attacks resulting in data breaches, and part of their post-incident responsibilities includes adhering to mandatory reporting requirements.

Generative AI Used to Launch Phishing Attacks

Feb 6, 2024 1:38:52 PM By Stu Sjouwerman

Criminal threat actors are increasingly utilizing generative AI tools like ChatGPT to launch social engineering attacks, according to researchers at Check Point.

CyberheistNews Vol 14 #06 [New Threat] Attackers Are Now Using MS Teams to Phish Your Users

Feb 6, 2024 9:32:26 AM By Stu Sjouwerman

Fake “I Can’t Believe He’s Gone” Posts Seek to Steal Facebook Credentials

Feb 5, 2024 4:58:17 PM By Stu Sjouwerman

A new scam relies on a victim's sense of curiosity, brand impersonation, and the hopes of a new login to compromise Facebook credentials.

New Phishing-As-A-Service Kit with Ability to Bypass MFA Targets Microsoft 365 Accounts

Feb 5, 2024 4:57:58 PM By Stu Sjouwerman

A phishing-as-a-service platform called “Greatness” is facilitating phishing attacks against Microsoft 365 accounts, according to researchers at Sucuri.

Social Engineering Masterstroke: How Deepfake CFO Duped a Firm out of $25 Million

Feb 5, 2024 8:47:01 AM By Stu Sjouwerman

Check out this one line for a moment...“duped into attending a video call with what he thought were several other members of staff, but all of whom were in fact deepfake recreations.”

Vendor Email Compromise Attacks Against Financial Services Surge 137% Last Year

Feb 2, 2024 1:27:13 PM By Stu Sjouwerman

Analysis of 2023 attacks shows how the financial services industry had a very bad year, with increases in both vendor email compromise (VEC) and business email compromise (BEC) attacks, ...

Microsoft Teams: The New Phishing Battlefront - How Attackers Are Exploiting Trusted Platforms

Feb 1, 2024 1:43:34 PM By Stu Sjouwerman

Attackers are abusing Microsoft Teams to send phishing messages, according to researchers at AT&T Cybersecurity.

81% of Underwriters Expect Cyber Insurance Premiums to Increase as Risk is Expected to Soar

Feb 1, 2024 1:43:29 PM By Stu Sjouwerman

New data from cyber insurance underwriters shows what they think the biggest threats will be in 2024 and what organizations should do about it.

Associated Press: "Grave peril of digital conspiracy theories."

Feb 1, 2024 12:30:27 PM By Stu Sjouwerman

The AP published a great article. This is your executive summary: Conspiracy theories have always been part of American culture, but advanced technology is making them more persuasive and ...

Security Awareness Training Blog

View Topics