Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.

Mandiant M-Trends 2017: "Cybercrime Skills Now On Par With Nation States"

There was some good news reported in Mandiant's M-Trends 2017 report, but this was heavily outweighed by a lot of very bad news.

Mandiant, which is a FireEye company, found that in 2016 companies were becoming a little better at identifying breaches, with the average number of days between being compromised and discovery now at 99 days, down from 146 days in 2015. However, more than 3 months is an eternity on the internet, and cybercrime bad guys can make off with the crown jewels in just a few days.

Former NSA Director Michael Hayden: "We have a Russia Problem"

I have been saying this here for the last few years, but if you get it confirmed by a former NSA director, that's nice to hear. The Wall Street Journal just reported that President Barack Obama has instructed U.S. intelligence agencies to investigate hacking activity aimed at meddling in the 2016 election.

The same article includes a video of an interview at WSJ's Future of Cybersecurity breakfast, in which former NSA Director Michael Hayden says the Russians "weaponized" information gleaned from hacking DNC emails to erode America's confidence in our political process. He also tells WSJ's John Bussey how the U.S. should retaliate.

Russian Central Bank Loses 2 Billion Rubles in Cyberheist

Reuters reported that hackers stole more than 2 billion rubles ($31 million) from correspondent accounts at the Russian central bank, the bank said on Friday. 

“We can’t say exactly when, but we can say today it was stolen,” Ekaterina Glebova, an official in the central bank’s press office, told The Wall Street Journal.

Central bank official Artyom Sychyov discussed the losses at a briefing, saying that the hackers had attempted a cyberheist of about 5 billion rubles.

The Top Five Names In Cybersecurity

Looking for the top names in cybersecurity? Look no further than the Cybersecurity 500 list of the world’s hottest and most innovative cybersecurity companies:

The Q4 2016 edition was just published by Cybersecurity Ventures. Going down the list, we take a look at the top five names from a branding and marketing perspective. 

10 Ways To Avoid Holiday Scams

With the biggest cybercriminal hacking holidays of the year upon us, it's time for a reminder of red flags to pay attention to when shopping either online or in brick-and-mortar stores. 

New Version of iSpy Trojan Steals Your Software Licenses

Earlier this year we posted about Jsocket, a highly malicious Trojan that we spotted being delivered through phishing emails shared with us via the Phish Alert Button (PAB).  

Although ransomware has been grabbing the majority of security-related headlines, malicious RATs and Trojans like Jsocket (and its evil cousins Adwind and AlienSpy) remain an important part of the online threat landscape, allowing malicious actors to monetize compromised systems and networks in a variety of ways.

Coming Soon to an Inbox Near You: A New Type Of Tech Support Scam

By Eric Howes, KnowBe4 Principal Lab Researcher.

Yesterday we spotted an unusual phishing email that we'd like to share with readers. If nothing else, it tells us that the increased security-related customer messaging adopted by many online service providers has paradoxically provided malicious parties of all kinds with new material to exploit when social engineering users.

First, a bit of background, though.

Cyber Attack Maps...Accurate Or Just Eye Candy?

Here are the top 5 Cyber Attack Maps found in Google. They all seem to show the cyber attacks in a slightly different perspective. This is the Norse attack map as an example:

14 Ways A Cyberheist Hits Your Bottom Line: Total Cost Of A Hack

What is the true cost of a data breach? After analyzing a health plan breach, research firm Deloitte says the toll of a cyberheist is significantly underestimated. In a report, the firm cites 14 factors that could have a significant impact on your organization and affect its financial stability. This is excellent ammo to get more InfoSec budget, as it breaks out above-the-surface and below-the-surface costs. This is the link to the slideshow:

Scam Of The Week: Orlando Nightclub Phishing Attacks

Just when you think they cannot sink any lower, criminal internet scum are now exploiting the tragedy in Orlando. Unfortunately, I have warned about these lowlifes from this spot before, when earlier similar incidents happened. You need to alert your employees, friends and family... again.
