New Threat Actor Impersonates the Red Cross to Deliver Malware

Sep 28, 2023 9:17:22 AM By Stu Sjouwerman

Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.

[LIVE DEMO] Are Your Users Making Risky Security Mistakes? Deliver Real-Time Coaching in Response to Risky User Behavior with SecurityCoach

Sep 28, 2023 8:15:00 AM By Stu Sjouwerman

Do you need an easy, automated way to provide real-time feedback the moment your users make risky mistakes to help reinforce the training campaigns you manage today?

Exploring the DORA: Key Takeaways from the New EU Financial Sector Risk Regulation

Sep 28, 2023 8:00:00 AM By Stu Sjouwerman

When asked why he robbed banks, Willie Sutton, one of the first fugitives named to the U.S. FBI’s most wanted list, reportedly replied, “Because that’s where the money is.” As any infosec ...

Why BJ Fogg and Daniel Kahneman Are Big Security Pro Must-Knows

Sep 27, 2023 8:47:40 AM By Stu Sjouwerman

You're no stranger to the complexities of safeguarding your organization's digital assets. But have you considered the human element in your security equation? Behavioral economics, ...

Ukrainian Military Targeted in Sophisticated Phishing Attack Using Drone Manuals

Sep 27, 2023 8:00:00 AM By Stu Sjouwerman

Securonix is tracking a phishing campaign that’s targeting the Ukrainian military with malware-laden attachments posing as drone instruction manuals. The threat actor is using Microsoft ...

Practical Insights To Improve Security Awareness in Higher Education

Sep 26, 2023 9:40:31 AM By Martin Kraemer

I am a strong believer that understanding cybersecurity as part of an organization-wide process is of the utmost importance.

Deepfakes: The Threat to Reality and How To Defend Against It

Sep 26, 2023 9:40:12 AM By Javvad Malik

Deepfakes have emerged as a serious concern in the digital landscape, presenting a significant threat to truth and trust.

CyberheistNews Vol 13 #39 How Chinese Bad Actors Infected Networks With Thumb Stick Malware

Sep 26, 2023 9:00:00 AM By Stu Sjouwerman

New Wave of Hospitality Phishing Attacks: Compromise User Credentials, Then Go Phish

Sep 25, 2023 9:54:21 AM By Stu Sjouwerman

The hospitality sector is seeing a new wave of phishing attacks. These new attacks are more plausible because they begin with compromised credentials and move to fraudulent emails sent ...

Organizations Starting to Understand the Impact of Ransomware, But Their Efforts Not Enough to Overcome Infostealer Malware

Sep 25, 2023 9:53:35 AM By Stu Sjouwerman

Recent findings in a SpyCloud report shows companies are starting to recognize and shift their priorities to defend against ransomware attacks, but the use of infostealer malware still ...

[NEW RELEASE]: Unleash the Power of Cybersecurity Education with KnowBe4’s 'Hack-A-Cat' on Roblox

Sep 25, 2023 8:30:00 AM By Stu Sjouwerman

What do cheese, fish and cybersecurity training have in common? Each of these comes together to help keep kids informed about cyber threats and cybersecurity best practices with KnowBe4’s ...

Cybercriminals Use Google Looker Studio to Host Crypto Scam to Steal Money and Credentials

Sep 25, 2023 8:15:00 AM By Stu Sjouwerman

Security researchers at Check Point have discovered yet another attack that leverages legitimate web applications to host attacks in order to bypass security scanners.

Tools From Cybercrime Software Vendor W3LL Found to be Behind the Compromise of 56K Microsoft 365 Accounts

Sep 25, 2023 8:00:00 AM By Stu Sjouwerman

A new report uncovers the scope and sophistication found in just one cybercrime vendor’s business that has aided credential harvesting and impersonation attacks for the last 6 years.

MFA Defenses Fall Victim to New Phishing-As-A-Service Offerings

Sep 25, 2023 8:00:00 AM By Stu Sjouwerman

ZeroFox warns that phishing-as-a-service (PhaaS) offerings are increasingly including features to bypass multi-factor authentication.

[YIKES] AI Now Enables Subliminal Image "Inception"

Sep 23, 2023 8:45:37 AM By Stu Sjouwerman

Seen Christopher Nolan's movie Inception? If you haven't, it's about a thief who is given the task of planting an idea into the mind of a CEO. The technology of implanting ideas is ...

Chinese Spies Infected Dozens of Networks With Thumb Drive Malware

Sep 21, 2023 3:46:21 PM By Stu Sjouwerman

WIRED just published an article that made me both disappointed and surprised at the same time. Security researchers found USB-based Sogu espionage malware spreading within African ...

New SEC Rules Add Challenges in Uncertain Cyber Insurance Market

Sep 21, 2023 2:54:40 PM By Stu Sjouwerman

[BUDGET AMMO] Jeremy King is a partner at Olshan Frome Wolosky. He wrote an article for Bloomberg where he analyzed cyber risk management issues that companies should prioritize in ...

Vanishing Act: The Secret Weapon Cybercriminals Use in Your Inbox

Sep 21, 2023 11:57:30 AM By Stu Sjouwerman

Researchers at Barracuda describe how attackers use legitimate email inbox rules to control compromised accounts and evade detection.

Scam-as-a-Service Classiscam Expands Impersonation in Attacks to Include Over 250 Brands

Sep 20, 2023 4:40:49 PM By Stu Sjouwerman

Now entering its third year in business, the phishing platform, Classicam, represents the highest evolution of an “as a service” cybercrime, aiding more than 1000 attack groups worldwide.

USPS Customers Become the Latest Target of the Chinese Smishing Group Called “Smishing Triad”

Sep 20, 2023 4:40:46 PM By Stu Sjouwerman

A new SMS-based phishing attack uses a smishing kit-as-a-service to impersonate the U.S. Postal Service.

Security Awareness Training Blog

View Topics