Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

AP Stylebook Data Breach Compromises Customer Personal Information

The Associated Press (AP) has disclosed a data breach affecting the legacy AP Stylebook website that led to phishing attacks against impacted customers, BleepingComputer reports.

Phishing Scammers are Using Artificial Intelligence To Create Perfect Emails

Phishing attacks have always been detected through broken English, but now generative artificial intelligence (AI) tools are eliminating all those red flags. OpenAI ChatGPT, for instance, ...

Cybercriminals Selling "Golden Tickets" to Phish Microsoft 365... $500,000 in Sales in 10 Months

In the movie, "Willy Wonka and the Chocolate Factory," kids unwrap chocolate bars in hopes of winning a golden ticket, giving the holder an inside tour of the sugar factory. The W3LL ...

Microsoft Teams Phishing Campaign Distributes DarkGate Malware

Researchers at Truesec are tracking a phishing campaign that’s distributing the DarkGate Loader malware via external Microsoft Teams messages.

[dot]US Domain Exploited for Phishing

The Interisle Consulting Group has published a paper looking at the phishing landscape in 2023, KrebsOnSecurity reports. Notably, Interisle found that the .us top-level domain is being ...

Organizations Tie Executive Pay to Cybersecurity Performance Hoping To Enhance Protection Against Hackers

Organizations have started to recognize the importance of tying executive pay to cybersecurity metrics. This practice is gaining traction among the largest U.S. companies, with nine ...

New Telekopye Phishing Toolkit Uses Telegram-Based Bots To Turn Novice Scammers into Experts

The Telekopye toolkit allows scammers to create phishing websites, send fraudulent SMS messages and emails, and target popular Russian and non-Russian online marketplaces.

Brand Impersonation Hits a New High with as Many as 73 Lookalike Domains Per Brand

The use of lookalike domains has reached critical mass with not just one counterfeit website, but many.

Ransomware Attacks Speed up 44% Leaving Less Time for Detection and Response

New data suggests that the gangs and toolkits behind current ransomware attacks are materially improving their abilities, resulting in a speeding up of attacks before defenses kick in.

Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods

Inadequate authentication measures leave your digital identity vulnerable to cybercriminals. Tools like multi-factor authentication, biometrics, passwords, PINs and tokens are more ...

Scary New IT Admin Attack Exposes Your MFA Weakness

Identity and authentication management provider Okta has warned of social engineering attacks that are targeting IT workers in an attempt to gain administrative privileges within ...

CISA Says to Exercise Caution For Disaster-Related Malicious Scams

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that scammers are exploiting the recent hurricanes that have hit the US. Criminals frequently impersonate ...

How Secure Is Your Authentication Method?

I frequently write about authentication, including PKI, multi-factor authentication (MFA), password managers, FIDO, Open Authentication, and biometrics. I have written dozens of articles ...

Nearly One-Quarter of Financial-Themed Spam Emails are Phishing Attacks

While spam tends to be dismissed as being more of an annoyance, new research shows that there is a very real and ever-present threat in emails that are marked as “spam”.

Cyberattacks Targeting Government Agencies and Institutions Increases in Q2 by 40%

New data shows a massive uptick in attacks across all industries, but a particularly worrisome growth in interest in targeting the public sector – and the indicators of who’s responsible ...

New “Early Warning” System in the U.K. Tips Off Ransomware Targets

British Intelligence has come up with a potentially very effective means to disrupt ransomware attacks, but there still seem to be a few kinks in the system.

New Adversary in the Middle Platform Circumvents MFA Protections “At Scale”

As Phishing as a Service (PhaaS) kits continue to evolve, news like recent attacks using the Greatness toolkit demonstrate how easy it is for novice attackers to access accounts despite ...

You Asked and Here It Is! KnowBe4's New Content Manager Feature is Unveiled

We heard you, and we're thrilled to tell you about the all-new Content Manager feature for KMSAT!
