Hive Ransomware-as-a-Service Races to the Top as Affiliates Breach 350 Organizations in Just 4 Months

Jan 6, 2022 2:20:00 PM By Stu Sjouwerman

A mere blip on the ransomware radar a quarter ago, the massive onslaught of attacks using Hive Ransomware demonstrates how dangerous the “as-a-Service” model really is.

Over 1200 Man-in-the-Middle Phishing Toolkits Designed to Intercept 2FA Found in the Wild

Jan 6, 2022 2:19:54 PM By Stu Sjouwerman

An academic partnership between Stony Brook University and Palo Alto Networks uncovered a massive use of tools that will steal authentication cookies mid-stream instead of credentials.

121 Brands Impersonated in Massive 91-Country Survey-Turned-Fraud Scam

Jan 6, 2022 2:19:37 PM By Stu Sjouwerman

With an estimated take of over $80 million a month, this scam uses new evasive tactics designed to make detection and investigation of these attacks difficult at best.

Obvious, but Probably Effective: Konni RAT Screensaver

Jan 6, 2022 1:20:04 PM By Stu Sjouwerman

A North Korean threat actor is targeting users in Russia with a New Year’s Eve-themed phony screensaver file, the Record reports. Researchers at Cluster25 spotted the activity, and say ...

New York State Warns of Credential Stuffing

Jan 6, 2022 1:17:59 PM By Stu Sjouwerman

New York Attorney General Letitia James has released a guide to help businesses defend themselves against credential stuffing attacks. Credential stuffing is a type of brute-force attack ...

CyberheistNews Vol 12 #01 [Heads Up] New Omicron-Themed Phishing Attack is Now Running Rampant

Jan 5, 2022 9:17:59 AM By Stu Sjouwerman

Cryptocurrency Scam Profits Jump 81% in 2021 to $7.7 Billion

Jan 4, 2022 10:04:02 AM By Stu Sjouwerman

Despite a drop in crypto scams in 2020 due to the pandemic, a new report highlights the massive growth in crypto scams… and the profitable results they’re yielding.

Reducing Stress with CBD Is the Latest Theming for Phishing Attacks

Jan 4, 2022 10:03:58 AM By Stu Sjouwerman

Spanning three languages and at least 15,000 unique phishing emails, this latest phishing campaign targets stressed out workers in the U.S. and France, avoiding detection and promising to ...

Copyright Infringement Notice to Instagram Users Serves as Newest Phishbait

Jan 4, 2022 10:03:54 AM By Stu Sjouwerman

Scammers are sending phony accusations of copyright infringement to Instagram users in a new phishing attack, Paul Ducklin writes at Naked Security. The scammers are taking advantage of ...

Shoulder Surfing is Still a Thing for Successful Social Engineering Attacks

Jan 4, 2022 10:03:50 AM By Stu Sjouwerman

Social engineering isn’t concerned with either novelty or elegance. All that matters is whether it works. ESET’s Jake Moore described a case in point for We Live Security: all someone ...

2023 Resolution: "I'll Be A Certified Security Awareness and Culture Professional (SACP)™"

Jan 1, 2022 11:59:12 AM By Stu Sjouwerman

Your organization's cyber threat landscape is changing lightning fast. So, your security awareness skills need to stay razor sharp, and are increasingly viewed as critical to protect your ...

Amazon Token Crypto “Presale” Scam Takes Advantage of News Hype and Steals Your Real Cryptocurrency

Dec 30, 2021 3:58:38 PM By Stu Sjouwerman

The growing interest in new cryptocurrencies and the potential to get in early on Amazon’s supposedly forthcoming crypto has scammers taking victims for thousands of dollars.

New “Karakurt” Threat Group is Gaining Attention Through Multiple and Frequent Extortion Attacks

Dec 30, 2021 3:58:33 PM By Stu Sjouwerman

A new warning from Accenture Security highlights this new cybercriminal group making waves that focuses on a "data breach and extortion” MO rather than relying on ransomware.

Omicron-Themed Phishing Campaign is Running Rampant

Dec 29, 2021 11:01:30 AM By Stu Sjouwerman

A mean-spirited phishing campaign is mocking victims after infecting their devices with Dridex malware, according to Lawrence Abrams at BleepingComputer.

Organizations Worldwide Experience Over 722 Million Attacks in the Last 30 Days!

Dec 29, 2021 11:01:23 AM By Stu Sjouwerman

Analysis of data collected by Internet and security services vendor Akamai shows an unimaginable number of cyberattacks, demonstrating how frequently these attacks are happening.

5 Notable Obscure Phishing Scams

Dec 29, 2021 11:01:12 AM By Roger Grimes

I love that KnowBe4’s customers are among the most knowledgeable and educated people in the world in avoiding phishing scams. KnowBe4’s products help its customers to educate and test ...

Conti Ransomware Affiliate Attacks Australian Utilities Giant's Corporate Network

Dec 29, 2021 11:01:00 AM By Stu Sjouwerman

While news reports indicate no impact to the utilities company’s ability to deliver electricity to its’ customers, this could be the start of attacks on critical infrastructure in ...

Google Takes a Step Towards Reducing the Use of Calendar Invitations as Phishing Tools

Dec 29, 2021 11:00:50 AM By Stu Sjouwerman

Doing their part, Google adds new functionality that defaults to automatically adding Google-based calendar invites to a victim’s calendar to lower the malicious value of an invite.

CyberheistNews Vol 11 #51 [Heads Up] Phishing Attacks Remain the Top Type of Cybersecurity Breach This Year

Dec 29, 2021 9:36:00 AM By Stu Sjouwerman

West Virginia Healthcare Breach Traced to Phishing

Dec 28, 2021 1:28:54 PM By Stu Sjouwerman

Monongalia Health System in West Virginia has disclosed a data breach that exposed sensitive patient and employee information.

Security Awareness Training Blog

View Topics