Security Awareness Training Blog

Cybersecurity Blog

Get the latest news in cybersecurity with in-depth coverage and analysis of current statiistics, developments and how to stay ahead of current threats.

I am a malware coder and botnet operator

This is a discussion on Reddit, where a (presumably Polish) malware coder and botnet operator very candidly answers questions from people. This is a fascinating but rather technical read, ...
Continue Reading

News - FBI warns against malware installed via hotel networks

The Internet Crime Complaint Center had this 'Intelligence Note': "Recent analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travelers ...
Continue Reading

The personal cloud will eclipse the PC

The personal cloud is poised to eclipse the PC as the hub of consumers' digital lives by 2014 as rapid growth in the use of apps and services introduces a new paradigm for how people ...
Continue Reading

The Average Cyberespionage Attack Goes On For 416 Days

WIRED Mag has a great article by Kim Zetter. It boils down to the fact that high-level hackers are able to get and stay in your network. And even if you are able to kick them out, they ...
Continue Reading

Symantec Report Says User Behavior is Root of Most Breaches

Tracy Kitten over at BankInfoSecurity spotted something interesting in Symantec's recent Internet Security Threat Report. This is the upshot: "Which Internet security threats pose the ...
Continue Reading

How To Land A Cybersecurity Job

Just found an article in NetworkWorld by Carolyn Duffy Marsan that is very interesting. Here is a snippet: "One specific skill related to cloud security that's in demand: SAML. The ...
Continue Reading

Proof: Antivirus Only Defends Against Low-skilled Attackers

The SANS Computer Forensics and Incident Response team built a real-life network for their students so they could learn how to hack into the network. They put McAfee enterprise endpoint ...
Continue Reading

Scam Of The Week: Fake Storage Upgrades

Phishers are now offering fake storage upgrades. Symanted reported: "Customers of popular email service providers have been a common target for phishers for identity theft purposes. ...
Continue Reading

CISPA fight far from over. A Guide To The Cybersecurity Bill Alphabet Soup

Stefanie Hoffman over at Fortinet took the time to summarize the current cybersecurity bills. This fight is far from over, so you might want to take a look at what's cooking at Capitol ...
Continue Reading

Bogus PayPal payment alert causes malware infection

Gary Warner just reported: "A new malicious spam campaign has just launched this morning targeting Paypal users. This malware campaign attempts to "social engineer" users into clicking a ...
Continue Reading

Cybercrime uses hidden file extensions to trick users

Symantec contributor Fred Gutierrez shows clearly in this blog post why it can be deadly to click on a .JPG file: "Cybercriminals have continuously evolved their methods throughout the ...
Continue Reading

Make sure 'challenge questions' aren't a backdoor into your account!

The Lookout Mobile Security Blog pointed out something important. Patty talked about the man who hacked hollywood: "Finding a working e-mail address was a simple process of trial and ...
Continue Reading

Omaha cast net that caught cyberthieves

Matthew Hansen, World-Herald Staff Writer just wrote a great article that illustrates what I have been warning about these last years. It starts out like this: "Imagine for a moment that ...
Continue Reading

Hacking The Hackers: A Counter-Intelligence Operation

Marc Weber Tobias, a contributor to Forbes Magazine wrote a very interesting article: "One of our security lab team members is an ex-cyberspook who spent his career in the military doing ...
Continue Reading

If PCI Is Your Whole Security Program, You’re Not Doing Your Job Right

Steve Ragan at the SecurityWeek site, wrote: "Painless PCI assessments are possible if you work for them. For most CISOs, the pain of an audit is part of the job, but it doesn’t have to ...
Continue Reading

Antivirus 10-Second Flash Survey: Is this bonus attractive?

You're in the market to replace your existing Antivirus. One of the vendors on your shortlist has a Special Bonus they are offering. They are going to give you a free high-quality ...
Continue Reading

This is cool. USB drive uses voice recognition security

Fingerprint recognition has long been used to protect sensitive data on USB drives - here’s another approach. This 8GB USB storage device uses voice recognition software to detect a ...
Continue Reading

Bogus Olympics 2012 Email Warning Blindside Users With Malware

The upcoming London Olympics is undoubtedly one of the most highly-anticipated sports event of the year. It is also a favorite social engineering ploy among cybercriminals. Just recently, ...
Continue Reading

Weak passwords STILL subvert IT security

Jaikumar Vijayan over at Computerworld observed correctly: "A recent data breach that exposed the Social Security numbers of more than 280,000 people served as yet another reminder of the ...
Continue Reading

8 Dirty Secrets Of The IT Security Industry

Bill Brenner at CSO Magazine is quoting IBM ISS Security Strategist Joshua Corman who has been on a crusade with his 8 Dirty Secrets campaign. Here they are and I'm quoting Dirty Secret ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews