Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

CyberheistNews Vol 13 #26 [Eyes Open] The FTC Reveals the Latest Top Five Text Message Scams

Jun 27, 2023 9:00:00 AM By Stu Sjouwerman
CyberheistNews Vol 13 #26 | June 27th, 2023 [Eyes Open] The FTC Reveals the Latest Top Five Text Message Scams The U.S. Federal Trade Commission (FTC) has published a data spotlight ...
Continue Reading

Russian Threat Actor Targets Ukraine Government And Military With Spear Phishing Emails

Jun 27, 2023 8:54:25 AM By Stu Sjouwerman
Russia’s APT28 (also known as “Fancy Bear” or “BlueDelta”) is using spear phishing to compromise Ukrainian government and military entities, according to researchers at Recorded Future. ...
Continue Reading

New Singapore Cyber Landscape 2022 Report Shows Russia-Ukraine Conflict, Phishing and Ransomware Attack Increases, and Much More

Jun 27, 2023 8:54:20 AM By Stu Sjouwerman
The “Singapore Cyber Landscape (SCL) 2022” reviews Singapore’s cybersecurity situation in 2022 against the backdrop of global trends and events, and highlights Singapore’s efforts in ...
Continue Reading

Unleashing the Power of Incident Reporting: Strengthening Security and Compliance

Jun 27, 2023 8:00:00 AM By John Just
Whether it is reporting a phishing email or something that might be illegal that a coworker is doing, your employees should be a strong last line of defense for security and compliance.
Continue Reading

New Cryptocurrency Coinbase Phishing Campaign Uses Social Engineering

Jun 26, 2023 9:12:26 AM By Stu Sjouwerman
A phishing campaign is impersonating cryptocurrency trading platform Coinbase, Tech.co reports. Crypto trader Jacob Canfield described the campaign in a Twitter thread, stating that the ...
Continue Reading

SolarWinds' Head Refuses to Back Down Amid Potential US Regulatory Action over Russian hack. CISO Gets Wells Notice

Jun 24, 2023 10:43:00 AM By Stu Sjouwerman
According to an internal email obtained by CNN, the CEO of SolarWinds informed employees on Friday that the company plans to vigorously defend itself against potential legal action from ...
Continue Reading

Want To Stop All Scams? Here Is How!

Jun 23, 2023 2:25:52 PM By Roger Grimes
There are many ways to be socially engineered and phished, including email, websites, social media, SMS texts, chat services, phone calls and in-person. These days, it is hard to sell ...
Continue Reading

“Picture in Picture” Phishing Attack Technique Is So Simple, It Works

Jun 23, 2023 11:35:38 AM By Stu Sjouwerman
Using credibility-building imagery and creating a need for the user to click what may or may not be perceived as an image is apparently all it takes to engage potential phishing victims.
Continue Reading

Banking and Retail Top the List of Industries Targeted by Social Media Phishing Attacks

Jun 23, 2023 11:35:31 AM By Stu Sjouwerman
Using an external platform trusted by potential victims is proving to be a vital tool in the cybercriminal’s arsenal. New data shows the state of the threat and who’s at risk.
Continue Reading

Half of Business Leaders Believe Users Aren’t Security Aware, Despite Most Having a Program in Place

Jun 23, 2023 11:35:18 AM By Stu Sjouwerman
New data shows that even with the majority of organizations experiencing cyber attacks, three hours of security awareness training simply isn’t enough.
Continue Reading

Extremely Persistent Threat Group Demonstrates a Strong Understanding of the Modern Incident Response Frameworks

Jun 22, 2023 9:44:42 AM By Stu Sjouwerman
A threat actor tracked as “Muddled Libra” is using the 0ktapus phishing kit to gain initial access to organizations in the software automation, business process outsourcing, ...
Continue Reading

Is AI-Generated Disinformation on Steroids About To Become a Real Threat for Organizations?

Jun 21, 2023 9:49:39 AM By Martin Kraemer
A researcher was alerted to a fake website containing fake quotes that appeared to be written by himself. The age of generative artificial intelligence (AI) toying with our public ...
Continue Reading

[Eyes Open] The FTC Reveals The Latest Top Five Text Message Scams

Jun 21, 2023 8:53:16 AM By Stu Sjouwerman
The U.S. Federal Trade Commission (FTC) has published a data spotlight outlining the most common text message scams. Phony bank fraud prevention alerts were the most common type of text ...
Continue Reading

KnowBe4’s 2023 Phishing By Industry Benchmarking Report Reveals that 33.2% of Untrained End Users Will Fail a Phishing Test

Jun 20, 2023 9:07:42 AM By Joanna Huisman
Cybercriminals still know that the easiest way to successfully infiltrate an organization is through its people.
Continue Reading

CyberheistNews Vol 13 #25 [Fingerprints All Over] Stolen Credentials Are the No. 1 Root Cause of Data Breaches

Jun 20, 2023 9:00:00 AM By Stu Sjouwerman
CyberheistNews Vol 13 #25 | June 20th, 2023 [Fingerprints All Over] Stolen Credentials Are the No. 1 Root Cause of Data Breaches Verizon's DBIR always has a lot of information to unpack, ...
Continue Reading

New Social Engineering Tactic Uses PDFs in Business Email Compromise Attacks

Jun 20, 2023 8:46:31 AM By Stu Sjouwerman
Legitimate services can be exploited in social engineering, including business email compromise (BEC) attacks.  Researchers at Check Point describe one current BEC campaign that’s using ...
Continue Reading

Breakdown of an Impersonation Attack: Using IPFS and Personalization to Improve Attack Success

Jun 15, 2023 3:20:18 PM By Stu Sjouwerman
Details from a simple impersonation phishing attack show how well thought out these attacks really are in order to heighten their ability to fool victims and harvest credentials.
Continue Reading

UK Attacker Responsible for a Literal “Man-in-the-Middle” Ransomware Attack is Finally Brought to Justice

Jun 15, 2023 3:20:15 PM By Stu Sjouwerman
The recent conviction of a U.K. man for cyber crimes committed in 2018 brings to light a cyber attack where this attacker manually performed the “in-the-middle” part of an attack.
Continue Reading

New Survey Shows 40% of People Searching for a Job Encountered a Scam

Jun 15, 2023 8:47:35 AM By Stu Sjouwerman
A survey by PasswordManager.com has found that one in three job seekers has fallen for, and responded to, fake job scams over the past two years.
Continue Reading

[INFOGRAPHIC] KnowBe4’s SecurityCoach: Top 10 Risky Behaviors

Jun 14, 2023 4:08:25 PM By Stu Sjouwerman
Real-time security coaching helps improve your organization’s security culture by enabling real-time coaching of your users in response to risky security behaviors.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews