Social Engineering, Money Mules, and Job Seekers

Dec 19, 2022 10:32:37 AM By Stu Sjouwerman

A small town in Manitoba, WestLake-Gladstone (population about 3300), fell victim to a social engineering campaign. The municipal government seems to have been a target of opportunity, ...

Hospitals Warned of Royal Ransomware Attacks by U.S. Department of Health

Dec 16, 2022 8:15:38 AM By Stu Sjouwerman

This brand new ransomware gang is on the attack and, despite them being new to the game, are coming out of the gate attacking the healthcare sector and asking for millions in ransom.

Less Than One-Third of Organizations Leverage Multiple Authentication Factors to Secure Their Environment

Dec 16, 2022 8:15:35 AM By Stu Sjouwerman

Demonstrating a complete lack of focus on the need for additional authentication factors, surprising new data highlights a material security gap that enables cybercrime.

Ten Charged with BEC Healthcare Scheme That Took More than $11 Million

Dec 14, 2022 2:03:59 PM By Stu Sjouwerman

Tricking five state Medicaid programs, two Medicare Administrative Contractors, and two private health insurers, the scammers posed as hospitals to alter payment details.

Cybersecurity Experts Weigh in on Modern Email Attacks

Dec 14, 2022 2:03:19 PM By Stu Sjouwerman

Abnormal Security’s CISO, Mike Britton consolidates some of the best advice from a three-part webinar series on the current state of risk found in email-based cyberattacks

Interest in Infostealer Malware Within Cyberattacks Spikes as MFA Fatigue Attacks Increase

Dec 14, 2022 2:02:41 PM By Stu Sjouwerman

New analysis of dark web forums shows an increase in discussions around the use of infostealer malware as part of both the first attack within a campaign or as part of an initial access ...

October and November Have Been the Two Busiest Months for Ransomware

Dec 14, 2022 2:01:13 PM By Stu Sjouwerman

Trending data going back to January of 2020 shows that ransomware attacks are continually increasing in number with unusual highs in the 4th quarter.

Utility Bill is the New Phishbait for Cybercriminals

Dec 14, 2022 9:12:45 AM By Stu Sjouwerman

An SMS phishing (smishing) campaign is impersonating utility providers in the US, Cybernews reports. Researchers at Enea AdaptiveMobile Security spotted the campaign, which informs ...

Look Out For Scammers This Holiday Season on Social Media

Dec 14, 2022 9:12:39 AM By Erich Kron

You know how some gifts are insanely sought after each year, selling out in mere minutes? Well, these are great tools for scammers, especially on social media.

Ughh. FBI’s Vetted Threat Sharing Network ‘InfraGard’ Hacked

Dec 14, 2022 6:12:35 AM By Stu Sjouwerman

Investigative reporter Brian Krebs reported December 13, 2022 that "InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat ...

CyberheistNews Vol 12 #50 [EYE OPENER] How ChatGPT Can Be Used for Social Engineering

Dec 13, 2022 9:30:00 AM By Stu Sjouwerman

CISA Phishing Infographic Contains a Lot of Good Information

Dec 13, 2022 8:54:06 AM By Roger Grimes

On December 8th, the Cybersecurity & Infrastructure Security Agency (CISA) released a great phishing infographic about data collected, lessons learned and recommendations learned from ...

[CASE STUDY] New-school Approach to Training and Simulated Phishing Shines Over Traditional LMS

Dec 12, 2022 1:49:34 PM By Stu Sjouwerman

A U.S.-based enterprise manufacturing organization cut their Phish-prone Percentage™ (PPP) by more than 80% after five months using the KnowBe4 security awareness training and simulated ...

[EYE OPENER] How ChatGPT Can Be Used For Social Engineering

Dec 10, 2022 10:12:36 AM By Stu Sjouwerman

ChatGPT could give Google a serious run for its money. We are not quite there yet, but the capabilities are rapidly improving. Just have a look at the command I gave it. In 5 seconds the ...

Incident Response Actions are Systematically Reversed by Hackers to Maintain Persistence

Dec 8, 2022 4:33:52 PM By Stu Sjouwerman

Analysis of attacks on two cellular carriers have resulted in the identification of threat actions designed to undo mitigations taken by security teams mid-attack.

New Modular Attack Chain Found That Allows Attackers to Change Payloads Mid-Breach

Dec 8, 2022 4:33:45 PM By Stu Sjouwerman

We’ve long known developers of cyberattacks to be crafty and focus a lot of energy on obfuscation, but a new attack can shift gears midstream, delivering just the right malware.

Scammer Group Uses Business Email Compromise to Impersonate European Investment Portals

Dec 8, 2022 8:58:00 AM By Stu Sjouwerman

A sophisticated scammer group has stolen at least €480 million from victims in France, Belgium, and Luxembourg since 2018, according to researchers at Group-IB. The gang uses a highly ...

[Eye Opener] Cybersecurity Resilience Emerges as Top Priority as 62% of Companies Say Security Incidents Impacted Business Operations

Dec 8, 2022 6:51:35 AM By Stu Sjouwerman

Cisco's annual Security Outcomes Report shows executive support for a security culture is growing. The report identifies the top seven success factors that boost enterprise security ...

Cyber Insurers Focus on Catastrophic Attacks and Required Minimum Defenses as Premiums Double

Dec 7, 2022 10:44:35 AM By Stu Sjouwerman

Recent attacks are helping cyber insurers better understand what security strategies need to be in place and how to price policies based on the risk those policies cover.

Archives Overtake Office Documents as the Most Popular File Type to Deliver Malware

Dec 7, 2022 10:44:32 AM By Stu Sjouwerman

Taking the lead over the use of Word, Excel, PDF, and other office-type documents in attacks, new data shows that files like ZIP and RAR have grown in popularity by 11% last quarter.

Security Awareness Training Blog

View Topics