[New FBI and CISA Alert] This ransomware strain uses RDP flaws to hack into your network

Jul 1, 2022 6:47:10 AM By Stu Sjouwerman

As of May 2022, MedusaLocker has been observed predominantly exploiting vulnerable Remote Desktop Protocol (RDP) configurations to access victims' networks, according to a new joint ...

Celebrity Crypto Scams Just Keep on Getting Worse

Jun 30, 2022 2:43:50 PM By Roger Grimes

Bloomberg News recently reported that fake celebrity-endorsed crypto scams have doubled in the UK this year, and on average scammed victims out of $14,540 in stolen value before they ...

[Heads Up] Online Fraud Now Sky-high With 'Tinder Swindler' Romance Scams Costing Hundreds of Millions

Jun 30, 2022 10:19:27 AM By Stu Sjouwerman

A new article in Bloomberg focused on new sky-high online fraud numbers, they are horrendous. Here is a short summary and I recommend you read the whole article.

Wars and Lechery, Nothing Else Holds Fashion for Phishing Attacks

Jun 29, 2022 10:03:52 AM By Stu Sjouwerman

Shakespeare said it first, and things haven’t changed: suffering and desire continue to drive victims to the social engineers. Researchers at Bitdefender have observed a phishing campaign ...

Bad News to Ransom Payers: 80% of You Will Face a Second Attack Within 30 Days

Jun 29, 2022 9:27:04 AM By Stu Sjouwerman

New insight into what happens during and after a ransomware attack paints a rather dismal picture of what to expect from attackers, your executives, and your operations.

80% of Organizations Await “Inevitable” Negative Consequences From Email-Born Cyberattacks

Jun 29, 2022 9:26:57 AM By Stu Sjouwerman

With nearly every organization experiencing some form of phishing attack, new data suggests these attacks are improving in sophistication, effectiveness, and impact.

New Evasive Phishing Techniques Help Cybercriminals Launch “Untraceable” Campaigns

Jun 29, 2022 9:26:51 AM By Stu Sjouwerman

Scary new details emerge of cybercriminals using reverse tunneling and URL shorteners to evade detection by security solutions, allowing them to take victims for their credentials and ...

Innovative Way to Bypass MFA Using Microsoft WebView2 Is Familiar Nevertheless

Jun 29, 2022 9:15:45 AM By Roger Grimes

An interesting way to bypass multi-factor authentication (MFA) was recently announced by Bleeping Computer. This particular attack method requires a potential victim to be tricked into ...

FBI Warns of Deepfakes Used to Apply for Remote Jobs

Jun 29, 2022 9:15:30 AM By Stu Sjouwerman

If you're looking for your company's next remote IT position, you may want to think twice before doing so. The FBI recently reported to the Internet Complaint Center today that there are ...

CyberheistNews Vol 12 #26 [Heads Up] The FBI Warns That LinkedIn Fraudsters Are Now a Significant Threat

Jun 28, 2022 9:04:02 AM By Stu Sjouwerman

MetaMask Crypto Wallet Phishing

Jun 27, 2022 9:56:17 AM By Stu Sjouwerman

A phishing campaign is attempting to steal credentials for MetaMask cryptocurrency wallets, according to Lauryn Cash at Armorblox.

Amazon Prime Day 2022 is Coming: Here are Quick Cybersecurity Tips to Help You Stay Safe

Jun 23, 2022 1:56:47 PM By Erich Kron

Amazon Prime Days this year are July 12 - 13th 2022. As a result, cybercriminals are taking every step to capitalize on the holiday with new phishing attacks. I have been getting asked ...

Technology, Microlearning, and its Impact on Users and Cybersecurity

Jun 23, 2022 1:30:50 PM By James McQuiggan

Technology is everywhere in society these days from our communication, shopping, and commerce capabilities. Whether email, online purchases, or using the blockchain, it amounts to large ...

Pre-Hijacking of Online Accounts are the Latest Method for Attackers to Impersonate and Target

Jun 23, 2022 11:21:31 AM By Stu Sjouwerman

Rather than run a complex credential harvesting phishing scam, attackers use existing information about their victim and hijack a popular web service account *before* it’s created.

“Failure to Authenticate” Wire Transaction at the Heart of a Cyber Insurance Appeal Case

Jun 23, 2022 11:21:24 AM By Stu Sjouwerman

Lawsuits over denied cyber insurance claims provide insight into what you should and shouldn’t expect from your policy – and that actions by your own users may make the difference.

Phishing Scammers Leverage Telegraph’s Loose Governance to Host Crypto and Credential Scams

Jun 23, 2022 11:21:18 AM By Stu Sjouwerman

The free and unmonitored webpage publishing platform has been identified as being used in phishing scams dating back as early as mid-2019, as a key part to bypass security solutions.

Vendor Impersonation Competing with CEO Fraud

Jun 23, 2022 9:09:21 AM By Stu Sjouwerman

Researchers at Abnormal Security have observed an increase in vendor impersonation in business email compromise (BEC) attacks.

[Heads Up] Russia has increased the cyber attacks against countries that help Ukraine

Jun 23, 2022 7:05:35 AM By Stu Sjouwerman

The Wall Street Journal just reported that Russian intelligence agencies have increased the pace of cyberattacks against nations that have provided aid to Ukraine, according to new ...

Spear Phishing Campaign Targets the US Military

Jun 22, 2022 8:59:46 AM By Stu Sjouwerman

Researchers at Zscaler warn that a spear phishing campaign is targeting the US military and other sectors with phishing emails that purport to be voicemail notifications. The emails ...

FBI Warns of Fraudsters on LinkedIn

Jun 21, 2022 9:15:06 AM By Stu Sjouwerman

The US FBI has warned that scammers on LinkedIn are a “significant threat,” CNBC reports. Sean Ragan, the FBI’s special agent in charge of the San Francisco and Sacramento field offices, ...

Security Awareness Training Blog

View Topics