Keeping you informed. Keeping you aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.
This morning, Bloomberg News pointed at a brand new article at BusinessWeek, one of their media properties. This is an excellent article that exposes the vulnerabilities when ...
With the average cost of the most expensive successful email attack at over $1 million, it’s necessary to begin to zero in on where the material sources of risk exist to keep these ...
Since phishing attacks need legitimacy to increase their deliverability, this latest twist shows how phishing scammers and hackers are working together to ensure phishing attacks continue.
An international cybercriminal operation responsible for millions of dollars in business email compromise (BEC) scams has finally been dismantled.
BlackBerry has published a report on a threat actor, Blind Eagle, also known as APT-C-36, which has been operating against targets in Ecuador and Colombia since at least 2019. Its most ...
CyberheistNews Vol 13 #09 | February 28th, 2023 [Eye Opener] Should You Click on Unsubscribe? By Roger A. Grimes. Some common questions we get are "Should I click on an unwanted email's ...
Most computer security practitioners have understood for many years the importance of having an aggressive security awareness training program. As social engineering is involved in 70% to ...
Researchers at Checkmarx warn that attackers uploaded more than 15,000 packages to NPM, the open-source repository for JavaScript packages, to distribute phishing links. The packages ...
With nearly 280 million phishing emails detected by just one vendor, and the increase in the number of unique emails, organizations have a lot to be worried about in 2023.
Email scammers can’t pass up a tried and true theme that is almost guaranteed to produce results. And with W-2 forms being sent out, it marks the start of this year’s expected campaigns.
New cyber attack data from 2022 is providing insight into what to expect in 2023, including ransomware campaigns.
New data shows users aren’t scrutinizing emails used in business email compromise (BEC) attacks, allowing critical changes in banking details that would impact the victim's organization ...
We received great feedback from many of you after sharing data about completion percentages last month so much that we thought, “What other things can we share from our vast amount of ...
Coinbase describes a targeted social engineering attack that led to the theft of some employee data. The attacker first sent smishing messages to several Coinbase employees, urging them ...
Some common questions we get are “Should I click on an unwanted email’s ’Unsubscribe’ link? Will that lead to more or less unwanted email?”
When it comes to cybersecurity, ransomware is the rockstar of threats. But taking a peek behind the curtain, business email compromise (BEC) causes huge financial losses.
Cloudflare warns that business email compromise (BEC) phishing has assumed a new form: vendor email compromise (VEC). The classic BEC case involves the impersonation of someone within an ...
CyberheistNews Vol 13 #08 | February 21st, 2023 [Heads Up] Reddit Is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach There is a lot to learn from Reddit's recent ...
When should organizations be on guard against social engineering? Always, of course, but there are certain times when they should be especially alert. A study of cyberattacks has found ...
The curse of knowledge is a cognitive bias that occurs when someone is trying to communicate information to another person, but falsely assumes that the other person has the same level of ...
