Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Windows Defender Gets a New Name: Microsoft Defender

Jul 22, 2019 7:24:20 AM By Stu Sjouwerman
Bleepingcomputer reported: "Windows Defender is being rebranded to Microsoft Defender to indicate that it now part of a cross platform family of products. This includes enterprise ...
Continue Reading

[Scam of The Week] New 'US State Police' Phishing Extortion Scam Includes Contact Numbers

Jul 20, 2019 11:26:21 AM By Stu Sjouwerman
Our friend Larry Abrams at Bleeping computer warned: "A new extortion scam is underway that pretends to be from a US State Police detective who is willing to delete child porn evidence if ...
Continue Reading

KnowBe4 Adds Language Localization to Learner's Experience For All Customers

Jul 20, 2019 10:02:24 AM By Stu Sjouwerman
We are excited to announce the availability of KnowBe4’s new localized training interface option for your users! 
Continue Reading

U.S. Coast Guard Warns of Phishing Attacks Designed for Data Theft and Malware Infection

Jul 19, 2019 3:15:52 PM By Stu Sjouwerman
A new Marine Safety Information Bulletin from the U.S. Coast Guard demonstrates that cybercriminals aren’t just after land-based businesses.
Continue Reading

U.K. Sees an Increase in Sophisticated Phishing Attacks Targeting Educational Institutions

Jul 19, 2019 3:12:23 PM By Stu Sjouwerman
Using a mix of identity deception, domain spoofing, credential theft, and bank fraud, scammers are taking advantage of soft targets in the U.K.’s education sector. 
Continue Reading

Deep Fakes Getting Better Every Day With AI / Machine Learning

Jul 19, 2019 11:51:36 AM By Stu Sjouwerman
A recent article in The Next Web showed how AI can magically remove a person or object from a video background as computer algorithms “clips” the person walking across a street out of the ...
Continue Reading

NSO spyware ‘targets Big Tech cloud services’

Jul 19, 2019 10:15:28 AM By Stu Sjouwerman
The Israeli company whose spyware hacked WhatsApp has told buyers its technology can surreptitiously scrape all of an individual’s data from the servers of Apple, Google, Facebook, Amazon ...
Continue Reading

Lateral Phishing Used To Attack Organizations On Global Scale

Jul 18, 2019 4:55:47 PM By Stu Sjouwerman
Warwick Ashford at ComputerWeekly reported: "Lateral phishing is a growing type of account takeover that has enabled attackers to target more than 100,000 people by hijacking just 154 ...
Continue Reading

Whoa Nellie. BEC Scams Average USD 300 Million Per Month In Illegal Transfers

Jul 18, 2019 11:04:26 AM By Stu Sjouwerman
New data compiled by the Financial Crimes Enforcement Network (FinCEN) shows that illegal transactions linked to business email compromise (BEC)—aka CEO Fraud— scams averaged $300 million ...
Continue Reading

CBInsights Welcomes KnowBe4 To The Cybersecurity Unicorn Club

Jul 18, 2019 9:51:43 AM By Stu Sjouwerman
CBInsights wrote: "Cybersecurity unicorns (*)  are being minted at a faster rate than ever before, and $1B+ valuations are coming through even larger funding rounds. Private companies are ...
Continue Reading

Microsoft Notifies 10,000 Customers About Nation-state Cyber Attacks

Jul 18, 2019 9:43:43 AM By Stu Sjouwerman
In an article about cyber security related to voting machines, an interesting snippet of information surfaced: “Microsoft said it has notified almost 10,000 customers in the past year ...
Continue Reading

SANS Security Awareness Report Highlights the Rising Era of Awareness Training

Jul 18, 2019 8:40:14 AM By Stu Sjouwerman
SANS Security Awareness, a division of SANS Institute, announced they have released their new 2019 Security Awareness Report. In its fifth consecutive year, this very useful annual report ...
Continue Reading

[INFOGRAPHIC] Employees receive nearly five phishing emails per work week, according to Avanan

Jul 18, 2019 7:14:33 AM By Stu Sjouwerman
One in every 99 work emails is a phishing attack, according to a recent Avanan report. With employees accustomed to a busy inbox, it's easy to fall victim to a phishing attack disguising ...
Continue Reading

Mimecast Identifies Brand New Phishing Tactic Called "SHTML"

Jul 17, 2019 3:24:15 PM By Stu Sjouwerman
In early April, the Mimecast Threat Center team discovered a rare type of server-parsed HTML (SHTML) based phishing attack emerging from the UK.
Continue Reading

Chinese Hackers Use Island Hopping to Steal Industrial and Commercial Secrets in 5-year Attack on the World’s Largest Technology Service Providers

Jul 16, 2019 4:30:07 PM By Stu Sjouwerman
Dubbed the “Cloud Hopper” campaign, victim companies such as Ericsson, HPE, IBM, and more were targets of exfiltration aimed and helping advance the Chinese economy.
Continue Reading

Microsoft Discovers New Excel-Based Attack to Deliver the FlawedArmmyRAT Malware

Jul 16, 2019 3:27:14 PM By Stu Sjouwerman
A new set of tweets from Microsoft Security Intelligence walks through an attack that uses a number of built-in Windows toolsets to infect machines with the notorious malware.
Continue Reading

Attacker’s Use of OneDrive as a Malicious File Host Jumps Over 3200% in Q1

Jul 16, 2019 3:23:16 PM By Stu Sjouwerman
The need for reputable hosting services to make phishing scams involving malicious files look legitimate has caused a rise in popularity for Microsoft’s cloud-based file sharing service.
Continue Reading

Evite Invites Over 100 Million People to Their Data Breach

Jul 16, 2019 3:19:37 PM By Stu Sjouwerman
Larry at Bleepingcomputer wrote: "The data breach monitoring service Haveibeenpwned.com has added a database dump of almost 101 million Evite users who had their information exposed when ...
Continue Reading

[VIDEO] KnowBe4 Quarterly Platform Update Q2-2019

Jul 16, 2019 11:25:21 AM By Stu Sjouwerman
Continue Reading

CyberheistNews Vol 9 #29 Scam of the Week: Microsoft OneNote Audio Note Phishing Emails

Jul 16, 2019 9:34:25 AM By Stu Sjouwerman
Continue Reading
Subscribe

Search Our Blog


New call-to-action

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews