Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Windows Defender Gets a New Name: Microsoft Defender

Bleepingcomputer reported: "Windows Defender is being rebranded to Microsoft Defender to indicate that it now part of a cross platform family of products. This includes enterprise ...
Continue Reading

[Scam of The Week] New 'US State Police' Phishing Extortion Scam Includes Contact Numbers

Our friend Larry Abrams at Bleeping computer warned: "A new extortion scam is underway that pretends to be from a US State Police detective who is willing to delete child porn evidence if ...
Continue Reading

KnowBe4 Adds Language Localization to Learner's Experience For All Customers

We are excited to announce the availability of KnowBe4’s new localized training interface option for your users! 
Continue Reading

U.S. Coast Guard Warns of Phishing Attacks Designed for Data Theft and Malware Infection

A new Marine Safety Information Bulletin from the U.S. Coast Guard demonstrates that cybercriminals aren’t just after land-based businesses.
Continue Reading

U.K. Sees an Increase in Sophisticated Phishing Attacks Targeting Educational Institutions

Using a mix of identity deception, domain spoofing, credential theft, and bank fraud, scammers are taking advantage of soft targets in the U.K.’s education sector. 
Continue Reading

Deep Fakes Getting Better Every Day With AI / Machine Learning

A recent article in The Next Web showed how AI can magically remove a person or object from a video background as computer algorithms “clips” the person walking across a street out of the ...
Continue Reading

NSO spyware ‘targets Big Tech cloud services’

The Israeli company whose spyware hacked WhatsApp has told buyers its technology can surreptitiously scrape all of an individual’s data from the servers of Apple, Google, Facebook, Amazon ...
Continue Reading

Lateral Phishing Used To Attack Organizations On Global Scale

Warwick Ashford at ComputerWeekly reported: "Lateral phishing is a growing type of account takeover that has enabled attackers to target more than 100,000 people by hijacking just 154 ...
Continue Reading

Whoa Nellie. BEC Scams Average USD 300 Million Per Month In Illegal Transfers

New data compiled by the Financial Crimes Enforcement Network (FinCEN) shows that illegal transactions linked to business email compromise (BEC)—aka CEO Fraud— scams averaged $300 million ...
Continue Reading

CBInsights Welcomes KnowBe4 To The Cybersecurity Unicorn Club

CBInsights wrote: "Cybersecurity unicorns (*)  are being minted at a faster rate than ever before, and $1B+ valuations are coming through even larger funding rounds. Private companies are ...
Continue Reading

Microsoft Notifies 10,000 Customers About Nation-state Cyber Attacks

In an article about cyber security related to voting machines, an interesting snippet of information surfaced: “Microsoft said it has notified almost 10,000 customers in the past year ...
Continue Reading

SANS Security Awareness Report Highlights the Rising Era of Awareness Training

SANS Security Awareness, a division of SANS Institute, announced they have released their new 2019 Security Awareness Report. In its fifth consecutive year, this very useful annual report ...
Continue Reading

[INFOGRAPHIC] Employees receive nearly five phishing emails per work week, according to Avanan

One in every 99 work emails is a phishing attack, according to a recent Avanan report. With employees accustomed to a busy inbox, it's easy to fall victim to a phishing attack disguising ...
Continue Reading

Mimecast Identifies Brand New Phishing Tactic Called "SHTML"

In early April, the Mimecast Threat Center team discovered a rare type of server-parsed HTML (SHTML) based phishing attack emerging from the UK.
Continue Reading

Chinese Hackers Use Island Hopping to Steal Industrial and Commercial Secrets in 5-year Attack on the World’s Largest Technology Service Providers

Dubbed the “Cloud Hopper” campaign, victim companies such as Ericsson, HPE, IBM, and more were targets of exfiltration aimed and helping advance the Chinese economy.
Continue Reading

Microsoft Discovers New Excel-Based Attack to Deliver the FlawedArmmyRAT Malware

A new set of tweets from Microsoft Security Intelligence walks through an attack that uses a number of built-in Windows toolsets to infect machines with the notorious malware.
Continue Reading

Attacker’s Use of OneDrive as a Malicious File Host Jumps Over 3200% in Q1

The need for reputable hosting services to make phishing scams involving malicious files look legitimate has caused a rise in popularity for Microsoft’s cloud-based file sharing service.
Continue Reading

Evite Invites Over 100 Million People to Their Data Breach

Larry at Bleepingcomputer wrote: "The data breach monitoring service Haveibeenpwned.com has added a database dump of almost 101 million Evite users who had their information exposed when ...
Continue Reading

[VIDEO] KnowBe4 Quarterly Platform Update Q2-2019

Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews