Credential Harvesting Attacks Targeting the U.S. Federal Government Nearly Double as Malware Declines

Mar 11, 2021 9:07:03 AM By Stu Sjouwerman

Shifts to a remote workforce in 2020 gave cybercriminals an opportunity to change tactics, focusing on credentialed access to systems accessed from outside government networks.

FINRA Warns of Phishing Attacks

Mar 11, 2021 8:16:40 AM By Stu Sjouwerman

The Financial Industry Regulatory Authority (FINRA) has warned of a phishing campaign that’s trying to trick users into responding to a phony regulatory non-compliance issue. The emails ...

See what happened when we "Zoom bombed" a customer with the cast of The Inside Man

Mar 11, 2021 7:00:00 AM By Stu Sjouwerman

Yes, this actually happened. The employees at Tennessee Aquarium were massive fans of The Inside Man, were not aware of this gag, and you can see their reactions when they see who the ...

Video Verification and Deepfakes

Mar 10, 2021 2:00:22 PM By Javvad Malik

Technology has introduced greater convenience for consumers around the world. With each new technological advancement, we have benefited from better, faster, and more accurate ...

[Heads Up] Has Your Exchange Been Hacked And Is Now A Ticking Time Bomb?

Mar 10, 2021 9:37:31 AM By Stu Sjouwerman

Brian Krebs wrote: "Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United ...

Fake reCAPTCHA Found in Phishbait

Mar 10, 2021 8:21:18 AM By Stu Sjouwerman

Researchers at Zscaler warn of an ongoing phishing campaign targeting executives with fake voicemail notifications. More than half of the phishing emails have targeted organizations’ vice ...

Recognizing Elder Scams

Mar 9, 2021 8:30:54 AM By Stu Sjouwerman

People need to ensure that their elderly relatives are aware of scams that target older people, according to Emma McGowan at Avast. McGowan says it’s best to avoid being condescending, ...

The Good, the Bad, and the Ugly About MFA

Mar 8, 2021 11:48:24 AM By Roger Grimes

I have been in computer security for over 34 years now. Yeah, even I cannot believe how long it has been. I have been a penetration tester over 20 of those years and worked on dozens of ...

CyberheistNews Vol 11 #10 [Heads Up] The Bad Guys Now Likely Own Your Exchange OWA Server

Mar 8, 2021 10:06:52 AM By Stu Sjouwerman

The Different Scenarios How Backups are Vulnerable to Ransomware Attacks

Mar 8, 2021 8:25:16 AM By Stu Sjouwerman

Organizations need to ensure that their data backups aren’t tampered with by attackers, according to security firm Datto. In an article for Channel Futures, Datto explained that backups ...

WSJ: Russian Disinformation Campaign Aims to Undermine Confidence in Covid-19 Vaccines

Mar 8, 2021 7:00:00 AM By Stu Sjouwerman

The Wall Street Journal reports: " Russian intelligence agencies have mounted a campaign to undermine confidence in Pfizer Inc.’s and other Western vaccines, using online publications ...

[Heads Up] The Bad Guys Have Likely Hacked Your Exchange Email Server

Mar 6, 2021 9:48:40 AM By Stu Sjouwerman

What if Chinese state-sponsored hackers have owned your OWA using several brand-new zero-day vulns? Or Eastern Europe ransomware gangs? On March 2, Microsoft released emergency security ...

Think Your Cyber Insurance is Going to Cover that $6 Million in Cyber Fraud? Think Again.

Mar 5, 2021 4:05:06 PM By Stu Sjouwerman

The latest tale of an organization falling victim to a business email compromise attack on their credit card processor highlights how very specific the scenario needs to be to see a ...

1 in 4 Business Email Compromise Attacks Use Lookalike Domains to Trick Victims

Mar 5, 2021 4:02:18 PM By Stu Sjouwerman

The latest Data on BEC scams shows how the bad guys are using a mix of gmail accounts, increases in stolen wire transfers, and a shift to payroll diversions to trick you out of your money.

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

Mar 5, 2021 4:00:12 PM By Stu Sjouwerman

The use of impersonation in phishing attacks helps to establish credibility and a sense of ease. New data shows exactly how the bad guys are using this tactic to their advantage.

Vendor Email Compromise is Officially A Big (Seven-Figure) Problem

Mar 5, 2021 3:57:51 PM By Stu Sjouwerman

While the Solarwinds “sunburst” attack brought to light the compromising of a vendor, VEC has been around for some time and now seems to be going mainstream.

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

Mar 5, 2021 3:55:42 PM By Stu Sjouwerman

A new social engineering scam demonstrates how cybercriminals are both evolving their tactics while still using tried and true methods that just work to attain their goals.

Someone Hacked The Four Top Russian Cybercrime Forums In One Month

Mar 5, 2021 10:52:44 AM By Stu Sjouwerman

Intrepid investigative cyber security reporter Brian Krebs has some interesting news. He said: "Over the past few weeks, three of the longest running and most venerated Russian-language ...

KnowBe4 Fresh Content Updates from February: Including New Season 3 of 'The Inside Man' Now Available

Mar 5, 2021 9:31:10 AM By Stu Sjouwerman

Here are important fresh content updates and new features to share with you that happened in the month of February.

[ALERT] New Stanford Research: 88% Of Data Breaches Are Caused By Human Error

Mar 4, 2021 6:43:06 PM By Stu Sjouwerman

A recent 2020 report we just discovered confirms what we have been saying for many years now. About 9 out 10 data breaches are caused by your users. We are pleased that the somewhat older ...

Security Awareness Training Blog

View Topics

Credential Harvesting Attacks Targeting the U.S. Federal Government Nearly Double as Malware Declines

FINRA Warns of Phishing Attacks

See what happened when we "Zoom bombed" a customer with the cast of The Inside Man

Video Verification and Deepfakes

[Heads Up] Has Your Exchange Been Hacked And Is Now A Ticking Time Bomb?

Fake reCAPTCHA Found in Phishbait

Recognizing Elder Scams

The Good, the Bad, and the Ugly About MFA

CyberheistNews Vol 11 #10 [Heads Up] The Bad Guys Now Likely Own Your Exchange OWA Server

The Different Scenarios How Backups are Vulnerable to Ransomware Attacks

WSJ: Russian Disinformation Campaign Aims to Undermine Confidence in Covid-19 Vaccines

[Heads Up] The Bad Guys Have Likely Hacked Your Exchange Email Server

Think Your Cyber Insurance is Going to Cover that $6 Million in Cyber Fraud? Think Again.

1 in 4 Business Email Compromise Attacks Use Lookalike Domains to Trick Victims

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

Vendor Email Compromise is Officially A Big (Seven-Figure) Problem

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

Someone Hacked The Four Top Russian Cybercrime Forums In One Month

KnowBe4 Fresh Content Updates from February: Including New Season 3 of 'The Inside Man' Now Available

[ALERT] New Stanford Research: 88% Of Data Breaches Are Caused By Human Error

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search