Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

It Was Only a Matter of Time: Sodinokibi Hold Dark Web Hacking Competition

Feb 3, 2020 9:43:58 AM By Stu Sjouwerman
Feeling like a page taken out of the SpaceX competitions, the latest shock comes from news of an underworld hacking competition intent on sharing cutting edge malicious code.
Continue Reading

Your Cyber Insurance Policy Just Became Outdated

Feb 3, 2020 8:35:55 AM By Erich Kron
Just when we think we have a handle on our cyber insurance, the ransomware attackers have come and stirred things up again. I’m talking about the new trend in ransomware that you may not ...
Continue Reading

Intelligence Services Get Phishing Licenses

Feb 3, 2020 8:23:46 AM By Stu Sjouwerman
New York Times journalist Ben Hubbard was targeted by a spear phishing attack designed to deliver NSO Group’s Pegasus spyware, researchers at the University of Toronto’s Citizen Lab have ...
Continue Reading

[Heads-up] We Give Notice About The New Criminal Age 'Ransomware 2.0': Extremely Damaging, Dangerous And Plain Evil

Feb 2, 2020 1:38:44 PM By Roger Grimes
Take a look at that screen. Let it sink in a moment. Imagine if it were your company.
Continue Reading

Iranian Hacker Group APT34 Apparently at It Again Targeting U.S. Research Organizations

Jan 31, 2020 4:22:55 PM By Stu Sjouwerman
Continue Reading

U.S. 2020 Election-Themed Ransomware Attacks Are on Their Way – And Local Govt's Aren’t Prepared

Jan 31, 2020 4:20:47 PM By Stu Sjouwerman
New research shows local governments practice a distinct lack of cybersecurity preparedness. And with local, state, and national elections coming up this year, cyberattacks are a concern.
Continue Reading

[Heads-up] Scam Of The Week: Coronavirus Phishing Attacks In The Wild

Jan 31, 2020 1:28:07 PM By Stu Sjouwerman
Yup, you can count on it, when there is a worldwide health scare, the bad guys are on it like flies on $#!+. We are seeing a new malicious phishing campaign that is based on the fear of ...
Continue Reading

Are You Expecting a Special Invitation?

Jan 31, 2020 11:05:22 AM By Jacqueline Jayne
According to MailGuard, a few days ago an email from our Prime Minister Scott Morrison started to do the rounds.
Continue Reading

[Heads-up] It's OK To Just Say No To Phone Scams

Jan 31, 2020 6:40:29 AM By Eric Howes
Earlier this week a credit union located in the Midwest United States alerted its members via email to a pair of phone-and-text-based scams designed to trick unwitting users into coughing ...
Continue Reading

UN Offices Hacked By SharePoint Vulnerability Says Newly Leaked Report

Jan 31, 2020 5:56:17 AM By Stu Sjouwerman
A newly released report said dozens of United Nations servers were compromised by a remote code execution Microsoft SharePoint vulnerability in July of 2019. The offices targeted were ...
Continue Reading

9-Month Compromise of Wawa Results in Data Breach of More Than 30 Million Credit Cards

Jan 30, 2020 10:08:58 AM By Stu Sjouwerman
The breach, discovered in December of last year, is suspected to have led to the theft of and subsequent and sale of one of the largest takes of customer credit card data on the dark web.
Continue Reading

Phishing Attacks Target Telecom Companies and their Tools to Facilitate SIM Swapping Attacks

Jan 30, 2020 8:31:04 AM By Stu Sjouwerman
Hackers are phishing telecom workers and “authorized retailers” to steal credentials and gain access to internal company tools. The end game is to modify SIM settings to help with a ...
Continue Reading

Judge Orders Insurer to Pay on Small Business Ransomware Claim

Jan 30, 2020 8:27:15 AM By Stu Sjouwerman
Despite attempting to deny the claim revolving around a 2016 ransomware attack, a recent court ruling has caused an Ohio insurer to help cover the losses.
Continue Reading

It's the Access, Not the Technology

Jan 30, 2020 8:24:09 AM By Stu Sjouwerman
Exercising a suitable level of operational security is the key to protecting yourself from the consequences of sophisticated cyber attacks, according to Lionel Laurent at Bloomberg. ...
Continue Reading

Phishing Telcos for SIM-Swapping

Jan 29, 2020 8:26:50 AM By Stu Sjouwerman
Motherboard reports that SIM swappers are launching phishing attacks against employees at Verizon, T-Mobile, and Sprint in order to hijack customer service tools. Once they have access to ...
Continue Reading

‘Ryuk Stealer’ Searches for and Steals Confidential Files from Government, Military, and Law Enforcement

Jan 28, 2020 3:14:04 PM By Stu Sjouwerman
The newest strain of Ryuk ransomware has added new keywords and filetypes to expand its ability to find files with content that can be turned into money through sale, extortion, or ransom.
Continue Reading

Latest Ryuk Ransomware Attacks on Oil and Gas Companies Includes Compromising Active Directory

Jan 28, 2020 3:07:49 PM By Stu Sjouwerman
Ransomware has definitely grown up from its infant stages where it simply infected one computer. From spreading through lateral movement, to the use of a victim's email to spread the ...
Continue Reading

CyberheistNews Vol 10 #5

Jan 28, 2020 9:52:37 AM By Stu Sjouwerman
 
Continue Reading

A Look Inside the Phishing Tackle Shop

Jan 28, 2020 8:31:51 AM By Stu Sjouwerman
The sophisticated 16Shop phishing kit can now target PayPal and American Express users, according to researchers from ZeroFOX. The researchers came across a new version of 16Shop that ...
Continue Reading

Is There Still Hope for Privacy?

Jan 28, 2020 8:15:00 AM By Perry Carpenter
January 28 is Data Privacy Day. In honor of that, I’d like to share some random thoughts on privacy that I put together for a recent webcast with StaySafeOnline.org. And when I say, ...
Continue Reading
Subscribe

Search Our Blog


Nuclear Ransomware Webinar

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews