Security Awareness Training Blog

Cybercrime Blog

We report on the latest trends in cybercrime to help you stay informed and aware of what the current threat landscape looks like.

Strange Chinese APT Interest in Buying Batches of AV Products

The Chinese military unit was recently accused of carrying out a years-long cyber espionage. The accusation from Japanese authorities was due to China's People Liberation Army buying ...
Continue Reading

Genesis Market: a Study in the C2C Economy

Researchers at Digital Shadows describe Genesis Market, a criminal-to-criminal marketplace that aggregates and sells digital fingerprints to facilitate cyberattacks. The researchers say ...
Continue Reading

FBI's Newly Release Internet Crime Report Shows Cybercrime has Ramped Up in 2020

The FBI's Internet Crime Complaint Center (IC3) released their annual report, and the number of complaints have skyrocketed in 2020.
Continue Reading

Not Your Father's Tech Support Scam

Over the past month or so customers using the Phish Alert Button (PAB) have been reporting a curious wave of what initially appeared to be run-of-the-mill tech support scam emails. As it ...
Continue Reading

Cybercrime Officially Has Its Own Global Ecosystem

From Services, to Distribution, to Monetization, cybercriminals are getting so organized, cybersecurity experts are now beginning to see how vast the relationships and connections really ...
Continue Reading

[THIS IS UGLY] A Hacker Got All My Texts for $16

VICE just revealed a 2FA hole you can drive a truck through. A gaping flaw in SMS lets hackers take over phone numbers in minutes by simply paying a company to reroute text messages. This ...
Continue Reading

The Evolving Cybercriminal Market Has Given Birth to Impersonation-as-a-Service as Attackers Seek to Impersonate at Scale

New research documents Impersonation-as-a-Service (IMPaaS) as an emerging threat where profiles of victim users are available to be used in campaigns where impersonation is critical.
Continue Reading

Microsoft Exchange Server hacks ‘doubling’ every two hours | ZDNet

Cyberattackers are taking full advantage of slow patch or mitigation processes on Microsoft Exchange Server with attack rates doubling every few hours.   According to Check Point ...
Continue Reading

Someone Hacked The Four Top Russian Cybercrime Forums In One Month

Intrepid investigative cyber security reporter Brian Krebs has some interesting news. He said: "Over the past few weeks, three of the longest running and most venerated Russian-language ...
Continue Reading

Dutch Intelligence Agencies Warn About Chinese and Russian Cyber Espionage

Chinese and Russian state hackers threaten the Dutch economy. Three Dutch intelligence agencies jointly sound the alarm about digital espionage in financial newspaper Het Financieele ...
Continue Reading

Why Small Businesses Often Say ‘Why Bother?’ When Dealing With Cybercrime

Well, it happened again. As a security professional, I hear a lot of things being said that are exaggerated or just plain untrue. I’ve become used to that, however, there is one phrase ...
Continue Reading

Ransomware Gangs Are Now Cold-Calling Victims If They Restore From Backups Without Paying

Catalin Cimpanu at ZDNet reported on another evil escalation in ransomware extortion tactics.  In attempts to put pressure on victims, some ransomware gangs are now cold-calling victims ...
Continue Reading

Conman in the Secret World

Last week, Garrison Courtney, a former spokesman for the US Drug Enforcement Administration, was sentenced to seven years in prison for running a massive Ponzi scheme involving dozens of ...
Continue Reading

An Autopsy of a $15 Million Heist

A company in the US lost $15 million in a two-month-long business email compromise scam, BleepingComputer reports. Researchers at Mitiga who investigated the attack told BleepingComputer ...
Continue Reading

[On-Demand] Your Organization Through the Eyes of an Attacker

The bad guys are out there, watching and waiting for an opportunity to strike. They are gathering information about your organization and users, devising the perfect plan to infiltrate ...
Continue Reading

The U.N. counterterrorism chief says a 350% increase in phishing websites was reported in Q1 2020

UNITED NATIONS -- A 350% increase in phishing websites was reported in the first quarter of the year, many targeting hospitals and health care systems and hindering their work responding ...
Continue Reading

6000% Increase in Phishing Attacks Leveraging COVID-19, Healthcare Industry Often The Target

On July 3rd just before the holiday weekend, Mount Auburn Hospital's IT team identified suspicious activity. Alarmed, they quickly took steps to disconnect the Cambridge hospital's ...
Continue Reading

[On-Demand Webinar] Hackers Exposed: Kevin Mitnick Shares His Tradecraft and Tools to Help You Hack Proof Your Network

Months of quarantine, transitioning to work from home, economic uncertainty, social and political turmoil… it’s easy to see why your employees are amped up, tense and distracted. And the ...
Continue Reading

It's the Best of 2020! Cyber CSI: Learn How to Forensically Examine Phishing Emails to Better  Protect Your Organization

Roger Grimes' lesson on how to forensically examine phishing emails received the highest viewer rating of any webinar so far this year. In case you missed it, make sure to watch this ...
Continue Reading

The Face of APT Actors

If I were to ask you to picture in your mind a shady criminal organisation consisting of cyber mercenaries, ones that took money from clients, asked no questions, and over the period of ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews