Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

3 Ways To Protect Your Identity Online

Apr 13, 2021 8:00:00 AM By James McQuiggan
Within security awareness training programs, cybersecurity experts promote various tactics and best practices to implement within personal and work environments to protect your identities ...
Continue Reading

[HEADS UP] DocuSign Issues Alert of Malicious New Hacking Tool

Apr 9, 2021 3:45:57 PM By Stu Sjouwerman
Earlier this week, DocuSign issued an alert that notified users of a new hacking tool. This tool is imitating DocuSign so then the bad guys can drop malware into victims' systems.
Continue Reading

H Layer Credentialing Announces Security Awareness and Culture Professional (SACP)® Certification

Apr 9, 2021 8:49:45 AM By Stu Sjouwerman
This is a very exciting development for the Cyber Security industry as a whole and particularly those of us that believe that Security Awareness Training is a critical step in a complete ...
Continue Reading

Australian Organizations Increase Cyber Security Spend to Nearly A$5B in 2021

Apr 9, 2021 8:34:08 AM By Stu Sjouwerman
The rise in cyberattacks in Australia is seeing its natural result – organisations realizing the need to put more budget focused on cybersecurity, with the largest portion going towards ...
Continue Reading

The Digital Workplace is a Cybersecurity Disaster!

Apr 9, 2021 8:34:06 AM By Stu Sjouwerman
New data reviewing how the 2020 shift to a remote workforce impacted organizational security shows all too well that since the pandemic onset, cybersecurity has become critically worse.
Continue Reading

APT Group Use Voice-Changing Software to Impersonate Women as Part of Espionage Attacks

Apr 9, 2021 8:34:02 AM By Stu Sjouwerman
The middle eastern threat group known as APT-C-23 are targeting male soldiers in the Israel Defense Forces in an attempt to get their victims to download and install malware.
Continue Reading

New Phishing Attacks Bypass Secure Email Gateways Using Some Very Creative Methods

Apr 9, 2021 8:33:56 AM By Stu Sjouwerman
Microsoft Security Intelligence warns of phishing attacks being sent from legitimate email addresses and IP ranges, taking advantage of gateway configuration settings to ensure delivery.
Continue Reading

LinkedIn Data of 500 Million Users Hacked, Up For Sale: Report

Apr 9, 2021 8:07:48 AM By Stu Sjouwerman
Microsoft-owned social network LinkedIn is reportedly the latest victim of a massive data breach where data of 500 million user profiles has been allegedly leaked by cybercriminals. The ...
Continue Reading

Phishing Attacks Using PDF Files Have Skyrocketed

Apr 8, 2021 8:54:33 AM By Stu Sjouwerman
Phishing attacks using PDF files have spiked over the past year, according to researchers at Palo Alto Networks’ Unit 42.
Continue Reading

The Clop #Ransomware gang is now pressuring  customers of victims threatening that their personal, confidential data will be exposed unless a ransom is paid

Apr 7, 2021 8:29:14 AM By Stu Sjouwerman
Brian Krebs just reported: "Some of the top ransomware gangs are deploying a new pressure tactic to push more victim organizations into paying an extortion demand: Emailing the victim’s ...
Continue Reading

The Growing WeTransfer Phishing Campaign Can Put Your Users at Risk

Apr 7, 2021 8:28:36 AM By Stu Sjouwerman
Researchers at Avanan have observed a phishing campaign that’s impersonating the WeTransfer file-sharing app in an attempt to steal users’ credentials. The email’s subject line states, ...
Continue Reading

[HEADS UP] New Phishing Attack With .TXT Attachment Can Steal All Your Secrets

Apr 6, 2021 10:28:13 AM By Stu Sjouwerman
The 360 security blog just came up with an eye opener. Recently, 360 Security Center’s threat monitoring platform has detected a new email phishing attack. This attack uses a ...
Continue Reading

CyberheistNews Vol 11 #14 [Heads Up] Phishing Remains the Most Common Form of Attack

Apr 6, 2021 9:42:24 AM By Stu Sjouwerman
Continue Reading

[Security Culture Report 2021] A Global Security Culture Perspective During a Pandemic

Apr 6, 2021 9:35:21 AM By Stu Sjouwerman
The 2021 KnowBe4 Security Culture Report is the largest study of its kind, measuring organizations' security cultures and surveying more than 320,000 employees across 1,872 ...
Continue Reading

Key Findings From the 2021 SANS Security Awareness Report

Apr 6, 2021 8:57:57 AM By Perry Carpenter
Like most security professionals, there are a few industry reports that I really look forward to reading each year. Pretty high on that list is the SANS Security Awareness report. SANS ...
Continue Reading

UK Users Should Be Aware of Census-Themed Phishing Attacks

Apr 6, 2021 8:20:03 AM By Stu Sjouwerman
Users in the UK should be on the lookout for census-themed phishing attacks, according to Paul Ducklin at Naked Security. Participating in the census is mandatory in the UK, and people ...
Continue Reading

The Inside Man Season 1 Is Now Available on Amazon Prime Video

Apr 5, 2021 9:34:30 AM By Stu Sjouwerman
We're pleased to announce that season one of the award-winning security awareness training series 'The Inside Man' is now available on Amazon Prime.
Continue Reading

[HEADS UP] Millions of Facebook Users' Personal Information Has Been Leaked Online

Apr 5, 2021 9:18:20 AM By Stu Sjouwerman
A hacking forum recently published over 553 million personal data of Facebook users. The type of exposed data ranged from phone numbers, Facebook ID's, full names, locations, birthdates, ...
Continue Reading

Expect More Travel-Related Phishing as the Pandemic Subsides

Apr 5, 2021 8:36:08 AM By Stu Sjouwerman
People need to be wary of travel-related phishing as the pandemic draws to a close, according to Fleming Shi, Chief Technology Officer at Barracuda Networks. On the CyberWire’s Hacking ...
Continue Reading

Office 365 Phishing Kits Are Being Used in a New Attack Targeting Execs and Finance

Apr 2, 2021 10:09:14 AM By Stu Sjouwerman
A new highly-targeted phishing campaign is seeking to compromise the online credentials of those with influence within an organization using an Office 365-themed update attack.
Continue Reading
Subscribe

Search Our Blog


Ransomware Hostage Rescue Manual

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews