Cybersecurity incidents cost organizations $1,197 per employee, per year

Nov 25, 2022 3:39:41 PM By Stu Sjouwerman

This statistic is alarming and underscores the importance of having a robust cybersecurity program in place. According to the Ponemon Institute, the average cost of a data breach is $3.8 ...

A Recent, Complex, Ransomware Campaign

Nov 22, 2022 9:39:48 AM By Stu Sjouwerman

Microsoft has observed a threat actor that’s been running a phishing campaign since August 2022. The threat actor, which Microsoft tracks as “DEV-0569,” is using phishing emails to ...

New Instagram Support Phishing Attack Fakes “Unusual Logon” Experience Well Enough to Fool Victims

Nov 22, 2022 9:36:16 AM By Stu Sjouwerman

Long gone are the days of tacky landing pages that barely impersonate a brand; threat actors are improving their social engineering game well enough to make anyone believe it’s the real ...

Image-Based Phishing and Phone Scams Continue to Get Past Security Scanners

Nov 22, 2022 9:34:34 AM By Stu Sjouwerman

Using the simplest tactic of not including a single piece of content that can be considered malicious, these types of scams are making their way to inboxes every single time.

CyberheistNews Vol 12 #47 [Heads Up] Watch Out for This Tricky New Tactic Called Clone Phishing

Nov 22, 2022 9:17:29 AM By Stu Sjouwerman

World Cup Phishing Attacks Doubled And Will Increase

Nov 21, 2022 4:17:16 PM By Stu Sjouwerman

Researchers at Trellix revealed that phishing email attacks targeting users in the Middle East doubled in October 2022 ahead of the World Cup in Qatar, as reported by The Record. The end ...

MFA Fatigue Attacks

Nov 21, 2022 4:00:55 PM By Stu Sjouwerman

Researchers at Specops Software describe a technique attackers are using to bypass multi-factor authentication (MFA). In an article for BleepingComputer, the researchers explain that ...

4 out of 10 Emails are Unwanted as nearly 40% of all Attacks Start with Phishing

Nov 21, 2022 3:59:17 PM By Stu Sjouwerman

New data focused on emails sent through Microsoft 365 highlights the methods used to ensure a successful attack beginning with a malicious email.

10 Million Health Records from Australian Insurer Medibank are Leaked After Refusing to Pay the Ransom

Nov 21, 2022 1:33:41 PM By Stu Sjouwerman

The aftermath of a ransomware attack last month demonstrates just how bad an attack can get when the cybercriminals don’t get what they want.

2022 Black Friday and Cyber Monday Scams

Nov 21, 2022 11:57:45 AM By Jacqueline Jayne

In years gone by, Black Friday was a 24-hour rush to the shops (you remember those places with actual people and merchandise that you could touch) where there was a set time for you to ...

Over One-Third of Companies Who Pay the Ransom are Targeted for a Second Time

Nov 21, 2022 11:33:06 AM By Stu Sjouwerman

Despite the somewhat logical notion that once you’ve paid the ransom, the attack is over, new data shows that paying the ransom doesn’t help you anywhere near how much you think it does.

Retailers: Credential Harvesting Attacks Are the “Big Thing” This Year for the Holiday Season

Nov 21, 2022 11:31:25 AM By Stu Sjouwerman

New data polled from analysts and members of the retail industry about their security focus is this holiday season reveals the kinds of attacks every organization should be preparing for.

This New Phishing Kit Flies Under the Radar of Antivirus Software

Nov 21, 2022 11:29:44 AM By Stu Sjouwerman

Akamai researchers have discovered a new phishing campaign that targets United States consumers with fake holiday offers, TechRadar reports. Fake landing pages created by threat actors ...

Phishing Attacks Misuse Microsoft Dynamics 365 Customer Voice Functionality to Hide Malicious Links

Nov 17, 2022 1:41:23 PM By Stu Sjouwerman

Leveraging a legitimate feature of Dynamics 365, threat actors are able to obfuscate the malicious nature of the email within content that naturally requires user interaction.

Valid Accounts Rank as the Top Initial Access Infection Vector, Putting a Spotlight on Credentials

Nov 17, 2022 1:41:19 PM By Stu Sjouwerman

As ransomware, business email compromise, and phishing attacks continue to escalate, new data sheds light on where organizations need to focus to help put a stop to attack success.

Ransomware Attacks on UK Organizations are Not Being Reported Enough, Clouding Impact

Nov 17, 2022 1:41:16 PM By Stu Sjouwerman

A new report from the UK’s National Cyber Security Center highlights the current state of threats in the UK, with particular focus on ransomware attacks and their impact.

Cyber Insurance Rates Begin to Stabilize as Insurers Gain Better Insight into Cyberattacks

Nov 17, 2022 1:41:12 PM By Stu Sjouwerman

The latest data shows that historically massive rate increases seen over the last few years are beginning to come down, primarily due to insurers having a solid understanding of the risk.

Holiday Package or Scam Message? Clickers Beware

Nov 17, 2022 9:02:23 AM By Javvad Malik

As we enter the holiday season, we start getting bombarded with amazing offers and often take advantage of not only grabbing ourselves a bargain, but also stockpiling gifts for friends ...

Watch Out For This Tricky New Tactic Called Clone Phishing

Nov 17, 2022 8:49:53 AM By Stu Sjouwerman

Researchers at Vade Secure describe a type of phishing attack dubbed “clone phishing,” in which attackers follow up a legitimate email from a trusted sender with a replica, claiming that ...

FBI director says he's 'extremely concerned' about China's ability to weaponize TikTok

Nov 16, 2022 3:29:36 PM By Stu Sjouwerman

Suzanne Smalley at Cyberscoop reported: "FBI Director Christopher Wray told Congress on Tuesday he is “extremely concerned” that Beijing could weaponize data collected through TikTok, the ...

Security Awareness Training Blog

View Topics