Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

CyberheistNews Vol 2, #23

Continue Reading

CyberheistNews Vol 2, #22

Continue Reading

Norton Protects Against Flame?

[caption id="" align="alignleft" width="260" caption="Norton Protects Against Flame?"][/caption] The antivirus industry is making hay with the new Flame malware, but Symantec marketing is ...
Continue Reading

Chinese hacker brings grief to Calgary’s Catholic school system

Hackers will find any mail server that is not protected and/or configured correctly and use it to send out as much spam as possible. This gets the unsuspecting organization blacklisted ...
Continue Reading

New Cyberweapon 'Flame': CIA and Mossad Coproduction

'Flame', the most sophisticated piece of malware to date, was discovered by the International Telecommunication Union (ITU) and Kaspersky Lab. This code is more complex and has more ...
Continue Reading

Banks warned of sophisticated new online scam

Antone Gonsalves at NetworkWorld got this story first. Here is how the scam works, so do not fall for it. You can recognize it by the grammar and spelling mistakes. "The cyber-criminals ...
Continue Reading

Ten years of Windows malware

Ed Bott wrote a truly excellent article over at ZDNet where he describes the history of Windows Malware, which shows on the very first slide that most malware is installed via social ...
Continue Reading

VIDEO The Top 5 Online Security Traps And How To Avoid Them

GFI is one of the few antivirus vendors that understands the importance of prevention and end-user training. They produced this useful video that in two minutes illustrates the top 5 ...
Continue Reading

Gmail Security Hole Allows Hackers To Automate Social Engineering Trick

Christopher Mims over at Technology Review was the first one to report on this. A large Gmail security hole could lead to mass harvesting of accounts, as hackers can automate this social ...
Continue Reading

Fake Facebook “Account Cancelation Requests” Lead to Malware

Softpedia reported: "A shady-looking email, apparently originating from Facebook, has been seen in inboxes, informing users that the social media network has received an account ...
Continue Reading

Hackers Target the Weakest Link: The End User

I was interviewed by Jeremy Quittner yesterday. Here is how he started his article in American Banker today: "It took Stu Sjouwerman, the founder and chief executive of security firm ...
Continue Reading

Guessable Passwords: The Unpatchable Exploit

Monday morning, I found a tweet by @INFOSECSchool with the above title. I admit, it's a catchy phrase and sure enough, IF you allow easy passwords, it's an invitation to get hacked. This ...
Continue Reading

Fake Amex ID Verification

[caption id="" align="alignleft" width="260" caption="Fake Amex ID Verification"][/caption] OK, here is another one to warn everyone about, especially the employees that have a ...
Continue Reading

Spot the security "no-no"

[caption id="" align="alignleft" width="260" caption="Spot the security "no-no""][/caption] Wow, talk about a TV interview that contains a massive vulnerability. We think this is a press ...
Continue Reading

Russia's most effective cybercriminals

Rod Rasmussen over at SecurityWeek has a really interesting article about a Russian cyber gang driving a massive wave of fraud: "Tucked away in a small town outside Moscow, Russia one of ...
Continue Reading

Spear-phishing attacks hit gas pipeline networks

A Homeland Security Department cyber response team focusing on industrial control systems has issued a warning to the natural gas pipeline industry of targeted cyberattacks that have ...
Continue Reading

Gartner considers security awareness training an essential tool for all companies

Linda Musthaler, at NetworkWorld just wrote an excellent article about training workers to be cyber safe. One paragraph was especially noteworthy: “In 2012 we’re already seeing a sharp ...
Continue Reading

I am a malware coder and botnet operator

This is a discussion on Reddit, where a (presumably Polish) malware coder and botnet operator very candidly answers questions from people. This is a fascinating but rather technical read, ...
Continue Reading

CyberheistNews Vol 2, #21

Continue Reading

News - FBI warns against malware installed via hotel networks

The Internet Crime Complaint Center had this 'Intelligence Note': "Recent analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travelers ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews