Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Ransomware Still Plagues Organizations Despite Feeling Prepared for an Attack

New data from security vendor AlienVault shines a light on the real state of ransomware, and how concerned IT organizations are with preparing for and dealing with an attack.
Continue Reading

Cybercriminals Leverage the U.K.’s Strong Customer Authentication Requirement in a New String of Phishing Attacks

Attackers are taking advantage of the requirement to secure online shopping and banking transactions processed within the U.K. to gather personal details of consumers and users alike.
Continue Reading

Brand-New: Multi-Factor Authentication Security Assessment Tool Helps Assess Your Organization's MFA Vulnerabilities

You already know that using multi-factor authentication (MFA) can decrease your cybersecurity risk, and certainly is a much stronger defense compared to using traditional passwords alone. ...
Continue Reading

Chinese State-Sponsored Phishing

A sophisticated threat group is going after a variety of industries using spearphishing and an arsenal of malware, according to Nalani Fraser and Fred Plan from FireEye. Fraser and Plan ...
Continue Reading

Is Cyberinsurance a Reason for the Rise in Ransomware Attacks?

Are cybercriminals counting on the victim’s simple cost-to-benefit decision to have their cyber-insurer pay the ransom? And, if so, are they targeting companies with cyberinsurance?
Continue Reading

Now *here* is something new! What The Heck Is War Shipping?

Our friends at Malwarebytes have a great article about this written by Pieter Arntz. This is a cross-post with grateful acknowledgement!  :-D
Continue Reading

Casbaneiro is the Hook in Alt-Coin Phishing

The Casbaneiro banking Trojan is going after Latin American victims’ cryptocurrency, Verdict reports. It’s being distributed via phishing emails which trick victims into downloading a ...
Continue Reading

Fall LinkedIn Job Postings Are a Prime Vehicle for Job Scams, Cyber Attacks

LinkedIn says the Fall hiring season is very hot right now. With more than 20 million jobs posted, LinkedIn is the perfect way for scammers to trick users into becoming victims.
Continue Reading

[Heads up] FBI Warns About Attacks That Bypass Your Multi-factor Authentication (MFA)

Last month, the FBI sent a special alert called a Private Industry Notification (PIN) to industry partners about the rising threat of attacks that bypass their multi-factor authentication ...
Continue Reading

Ransomware is Having Its Best Year Ever

The recent rash of successful ransomware attacks against municipalities, state and local government, and school districts is bad for organizations and great for cybercriminals.
Continue Reading

The Cost of a Data Breach is Expected to Rise by Two-Thirds Over the Next Five Years

The increase in attack effectiveness and remediation costs, along with new compliance fines are causing the cost of a data breach to rise significantly.
Continue Reading

77% Of UK Workers Admit That They Have Never Received Any Form Of Cyber Security Training

77 per cent of UK workers admit that they have never received any form of training cyber skills training from their employer, according to a new study from Centrify, a leading provider of ...
Continue Reading

So What Happens When Kevin Mitnick Meets Joe Perry?

So, Kevin Mitnick Meets Joe Perry from Aerosmith in Australia and someone asks him:
Continue Reading

Disruption of Production Due To Malware at Rheinmetall Automotive Costs $4 Million Per Week

In a press release the very large EU company revealed: "The IT infrastructure of Rheinmetall Automotive plants in Brazil, Mexico and the USA has been affected by malware attacks since ...
Continue Reading

Phishing Awareness: Considerations for Schools

Educating students and staff about phishing attacks is essential to protecting schools, according to Matt Britland, Director of IT and digital strategy at Alleyn’s School in London. In an ...
Continue Reading

Amazon, Paypal, and Gmail Users are the Latest Target in a Sophisticated Multistage Phishing Attack

The latest attack, dubbed “Heatstroke” uses new target-specific phishing kits that may be sold as a “phishing-as-a-service” using new techniques to avoid leaving a trail.
Continue Reading

More Than 2.2 Billion Stolen Account Credentials Have Been Made Available on the Dark Web

2019 is looking to be the year of the “data dump”, with more exposed records than any other year, empowering further credential stuffing attacks, according to McAfee.
Continue Reading

Crime Sometimes Pays: $1.1M Recovered from U.K. Phishing Scammer 2 Years After Being Caught

We don’t often hear enough stories of cybercriminals being caught and paying back what they’ve stolen, but in the case of scammer Grant West, that’s exactly what has happened. 
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews