Security Awareness Training Blog

Cybersecurity Blog

Get the latest news in cybersecurity with in-depth coverage and analysis of current statiistics, developments and how to stay ahead of current threats.

The European Union's Unified Approach to Cybersecurity: The Cyber Solidarity Act

The construction of a more cyber resilient European Union (EU) took a remarkable step forward this past week as negotiators from the European Parliament and the European Council reached a ...
Continue Reading

Security Teams Spend 71 Hours Responding to Every One Hour in a Cyber Attack

New data sheds light on what kinds of cyber attacks are targeting your cybersecurity team, what it’s costing them, why it’s taking so much time to fix, and where you should focus ...
Continue Reading

Chinese Hackers Spy on Dutch Ministry of Defense: A Story of Alarming Cyber Espionage

In a revelation that adds yet another chapter to the ongoing saga of international cybersecurity threats, the Dutch Ministry of Defense recently shed light on a significant security ...
Continue Reading

Roblox Game 'Hack-A-Cat' Now Part of the Free KnowBe4 Children’s Interactive Cybersecurity Activity Kit

If you haven’t heard of Roblox, you probably don’t have kids like me. Roblox is an online virtual world/metaverse that has been around since 2006 that allows people to play with others ...
Continue Reading

Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them

Navigating the cloud security landscape is no walk in the park. It requires IT professionals like you to not only tackle traditional security threats, such as managing data access and ...
Continue Reading

Missing the Lock Icon in Chrome’s Address Bar? It’s a Move to Make You More Secure

In response to what Google calls “over trust” in the web address lock icon to indicate that a site is authentic and its’ communications are secure, they’ve swapped the lock out in an ...
Continue Reading

Interest in AI-Generated ‘Undressing’ Increases 2000% as it Becomes a Mainstream Online Business

The advent of non-consensual intimate imagery (NCII) as a monetized business on the Internet has shifted pornography into the realm of undressing anyone you like.
Continue Reading

New SEC Rules Will Do More Than Result in Quick Breach Reporting

On July 26, the U.S. Security & Exchange Commission (SEC) announced several new cybersecurity rules, taking affect mid-December 2023, that will significantly impact all U.S. ...
Continue Reading

What Do the Latest SEC Charges Against Solarwinds’ CISO Mean for CISOs Everywhere?

In this blog, we'll take a look at the well-known Sunburst attack of 2018 and how the specific charges stemming from this attack will impact Chief Information Security Officers (CISOs) ...
Continue Reading

Get Ready: International Fraud Awareness Week

November 12-18, 2023 is International Fraud Awareness Week and I know what you are thinking: “Didn’t we just have an entire month dedicated to cyber fraud and cybersecurity in general?” ...
Continue Reading

74% of CEOs Concerned About Their Organization's Ability to Protect Against Cyber Attacks, Despite Seeing Cybersecurity as Critical

According to the recent The Cyber-Resilient CEO report released by IT services and consulting agency Accenture, a staggering 74% of CEOs have expressed concerns about their organizations' ...
Continue Reading

New Gartner Forecast Shows Global Security and Risk Management Spending to Increase by 14% in 2024

Gartner issued a press release that forecasted global security and risk management end-user spending to reach $188.1 billion, along with worldwide end-user spending on security and risk ...
Continue Reading

Generative AI and the Automation of Social Engineering Increasingly Used By Threat Actors

Threat actors continue to use generative AI tools to craft convincing social engineering attacks, according to Glory Kaburu at Cryptopolitan.
Continue Reading

Lazarus Attack on Spanish Aerospace Company Started with Messages from Phony Meta Recruiters

A recent attack on an undisclosed Spanish aerospace company all started with messages to the company's employees that appeared to be coming from Meta recruiters, via LinkedIn Messaging. ...
Continue Reading

Security Awareness Is Dead. Long Live Security Awareness

Our actions determine outcomes, not our thoughts, our knowledge, or our intentions.
Continue Reading

Threat Group UNC3944 Continues to See Success Using Text-Based Social Engineering

A new update on UNC3944 group's activities shows how they are evolving their focus squarely on SMiShing credential harvesting attacks that result in data theft/extortion attacks.
Continue Reading

Facebook Messenger Becomes the Delivery Mechanism for Infostealer Malware Attack

Millions of business accounts on Facebook are the target of a new malware attack, which is seeing a success rate of 1 out of 70, causing concern for the security of corporate credentials.
Continue Reading

New Threat Actor Impersonates the Red Cross to Deliver Malware

Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.
Continue Reading

Exploring the DORA: Key Takeaways from the New EU Financial Sector Risk Regulation

When asked why he robbed banks, Willie Sutton, one of the first fugitives named to the U.S. FBI’s most wanted list, reportedly replied, “Because that’s where the money is.” As any infosec ...
Continue Reading

Practical Insights To Improve Security Awareness in Higher Education

I am a strong believer that understanding cybersecurity as part of an organization-wide process is of the utmost importance.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews