Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

April 8, 2014: WinXPGeddon

If you still run Windows XP April 2014, you've got a timebomb on your hands if that system is still connected to the Internet. Stand-alone systems are a bit less of a risk.
Continue Reading

Electronic ID cards join fight against phishing attacks

Phishing attacks are believed to have hit 37.3 million people last year, escalating online password theft 300%. To fight back against this type of cyberattack, a team of researchers at ...
Continue Reading

New Cybercrime-as-a-Service: Unethical Pen-testing

I have talked about this a few times before, there is a well-developed $3 Billion underground economy specialized in cybercrime. Here is an example of a "promising" new criminal DIY ...
Continue Reading

Cyber risk weighs heavy on minds of execs

Tony Bradley at CSO Mag has a good analysis: " There is good news and bad new stemming from the Lloyd’s of London Risk Index 2013 report. The good news is that cyber risk is gaining more ...
Continue Reading

CyberheistNews Vol 3, 34 Security Awareness Training Newsletter

CyberheistNews Vol 3, # 34
Continue Reading

IT Security Is Broken Bad

With the TV show Breaking Bad in its last season, this seems to be a fun title. However, the topic is not all that much fun. You should realize it's not a question of when you will be ...
Continue Reading

Are Your Email Addresses On A Russian Phishing Site?

We are finding many U.S. commercial email addresses at the Russianemailsworld.boommer.ru website. It is really a 'staging' area for emails to be posted by the criminal underground. They ...
Continue Reading

Spear-phishing attackers vandalize CNN, TIME and Wash Post

You would think that by now journalists and people in media and advertising would be on the alert for social engineering red flags. But no. Syrian hacktivists sent a spear-phishing attack ...
Continue Reading

Forbes: IT Security Industry To Expand Tenfold

Richard Stiennon, Forbes contributor makes a stunning prediction. He claims that most organizations have woefully underspent for IT Security and now that governments around the world have ...
Continue Reading

Hackers put a bull's-eye on small business

Less than 500 employees? You’ve got a 20 percent chance of being hacked, and if it happens there’s a good chance your business is finished.
Continue Reading

CyberheistNews Vol 3, 33

CyberheistNews Vol 3, # 33
Continue Reading

We started trusting bad code from Day One

Vint Cerf – Photo by Charles Haynes
Continue Reading

Scam Of The Week: "Held For Ransom"

You should alert your users that a particularly effective scam is growing by leaps and bounds recently. It's not new, but it's bursting into mainline cybercrime these last few weeks. The ...
Continue Reading

Watching Porn on a Mobile …Risky?

The Internet has its own Red Light District, and it is one of the most unsafe areas you can browse. Online porn is a profitable sideline for the adult industry, but a mainline business ...
Continue Reading

CyberheistNews Vol 3, 32

CyberheistNews Vol 3, # 32
Continue Reading

Debate: Security Training Effective? What's Your Opinion...

In the August issue of SC Magazine yours truly is one of the two experts that discuss whether security training is an effective strategy in the workplace. My counterpart is Dave Aitel, ...
Continue Reading

Liberty and Security - it's not an either/or choice

My good friend Mac Graham just sent me this article that I think is thoughtful, balanced and provides a very interesting solution for this "Liberty versus Security" problem. (Full ...
Continue Reading

U.S. Commercial Banking In Top 10 Riskiest Industries.

Mark Holan at the Tampa Bay Business Journal reported on something remarkable. Commercial Banks are in the #6 slot of the Top 10 Riskiest industries in the U.S. (!) "Industry research ...
Continue Reading

CyberheistNews Vol 3, # 31

CyberheistNews Vol 3, # 31
Continue Reading

Scam Of The Week: Christian Singles

Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews