Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Mobile Device Usage Have Led to Security Incidents in Nearly Half of Organizations

Mar 30, 2022 8:15:33 AM By Stu Sjouwerman
The shift in devices used by today’s workforce has resulted in increases in cybersecurity concerns and incidents, despite a majority of orgs with defined BYOD programs in place.
Continue Reading

CyberheistNews Vol 12 #13 [Heads Up] Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online

Mar 29, 2022 9:59:07 AM By Stu Sjouwerman
[Heads Up] Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online   Email not displaying? | View Knowbe4 Blog   CyberheistNews Vol 12 #13  |   Mar. 29th., 2022 [Heads ...
Continue Reading

Email Conversation Hacking to Distribute Malware

Mar 29, 2022 9:03:08 AM By Stu Sjouwerman
Researchers at Intezer warn that attackers are hijacking email conversations to distribute the IcedID banking Trojan. This technique makes the phishing emails appear more legitimate and ...
Continue Reading

KnowBe4 and Okta Update

Mar 28, 2022 3:53:58 PM By Stu Sjouwerman
To start off, we do not use Okta in any of our products.
Continue Reading

Making Better Push-Based MFA

Mar 28, 2022 1:51:20 PM By Roger Grimes
I used to be a huge fan of Push-Based Multifactor Authentication (MFA), but real-world use has shown that most of today’s most popular implementations are not sufficiently protective ...
Continue Reading

Buy Now, Pay Later Scams

Mar 28, 2022 9:31:28 AM By Stu Sjouwerman
Fraudsters are taking advantage of the buy-now, pay-later (BNPL) payment model, according to Jim Ducharme, COO of Outseer. On the CyberWire’s Hacking Humans podcast, Ducharme explained ...
Continue Reading

WIRED: "A Mysterious Satellite Hack Has Victims Far Beyond Ukraine"

Mar 24, 2022 3:20:26 PM By Stu Sjouwerman
WIRED wrote: "More than 22,000 miles above Earth, the KA-SAT is locked in orbit. Traveling at 7,000 miles per hour, in sync with the planet’s rotation, the satellite beams high-speed ...
Continue Reading

Fidelity: "Why cybersecurity is material to all industries"

Mar 24, 2022 3:05:50 PM By Stu Sjouwerman
Fidelity just published an article titled "Cybersecurity: A growing risk". They note that the threat of Russian cyberattacks highlights vulnerabilities across industries. I'm quoting a ...
Continue Reading

Repertoire of Ukraine Charity Phishing Scams

Mar 24, 2022 10:21:32 AM By Stu Sjouwerman
Scammers continue to exploit the crisis in Ukraine, according to researchers at Bitdefender. Over the past week, the researchers believe the fraudsters have adjusted their tactics in ...
Continue Reading

Initial Access Broker Group Relies on Social Engineering

Mar 24, 2022 10:20:53 AM By Stu Sjouwerman
Google’s Threat Analysis Group (TAG) describes a cybercriminal group it calls “EXOTIC LILY” that acts as an initial access broker for numerous financially motivated threat actors, ...
Continue Reading

Try the New Compliance Audit Readiness Assessment Today for the SSAE18 Framework

Mar 24, 2022 8:00:00 AM By Stu Sjouwerman
When it's time to complete a compliance audit, are you thinking, "Ugh, is it that time again?" And, as more organizations demand proof that  their data is protected in the cloud, keeping ...
Continue Reading

Number of Phishing Attacks Hits an All-Time High in 2021, Tripling That of Early 2020

Mar 23, 2022 2:00:34 PM By Stu Sjouwerman
New data from the Anti-Phishing Working Group shows cybercriminals are stepping on the gas, focusing phishing attacks on credential theft and response-based scams.
Continue Reading

Phishing Attack-Turned-Wire Fraud Case Sees a Win for the Policyholder

Mar 23, 2022 2:00:26 PM By Stu Sjouwerman
In an unusual turn of events, a recent court decision sided with the policyholder, despite specific policy language that probably should have favored the insurer.
Continue Reading

QakBot Banking Trojan Evolves and Now Takes Over Email Conversations to Spread Malware

Mar 23, 2022 2:00:06 PM By Stu Sjouwerman
As if stealing all your credentials, cookies, and email wasn’t bad enough, this new version of QakBot inserts itself into your emails, impersonating you to gain access to more victims.
Continue Reading

Phishing Scam with Fraudulent Invoice Costs City of Fresno Over $600,000

Mar 23, 2022 1:59:56 PM By Stu Sjouwerman
This simple invoice scam appears to be a part of a much broader campaign targeting municipalities, posing as existing subcontractors.
Continue Reading

Exploiting Trust in reCAPTCHA

Mar 23, 2022 8:46:14 AM By Stu Sjouwerman
Researchers at Avanan warn that attackers are using reCAPTCHAs on their phishing sites to avoid detection by security scanners.
Continue Reading

Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online

Mar 22, 2022 4:10:05 PM By Stu Sjouwerman
The video uploaded to a hacked Ukrainian news website shows how far the technology has come, how it can be used in social engineering, as well as how the tech still needs to improve.
Continue Reading

SMBs Are 350% More Likely to Experience Social Engineering Attacks Via Phishing

Mar 22, 2022 4:08:43 PM By Stu Sjouwerman
New data shows phishing, social engineering, and impersonation dominate as cybercriminals are becoming more frequent and successful with their attacks.
Continue Reading

CyberheistNews Vol 12 #12 [New White House Alert] Train Your Users Against Threat of Russian Cyberattacks

Mar 22, 2022 11:06:15 AM By Stu Sjouwerman
[New White House Alert] Train Your Users Against Threat of Russian Cyberattacks   Email not displaying? | View Knowbe4 Blog   CyberheistNews Vol 12 #12  |   Mar. 22nd., 2022 [New White ...
Continue Reading

[BREAKING] White House warns Russia is prepping possible cyberattacks against US

Mar 21, 2022 6:16:51 PM By Stu Sjouwerman
With the recent cyber-attacks between Russia and Ukraine and the current intelligence coming from the US Government, organizations want to shore up their defenses to reduce the risk of a ...
Continue Reading
Subscribe

Search Our Blog


Anti-Phishing Guide ebook

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews