Facebook Messenger Becomes the Delivery Mechanism for Infostealer Malware Attack

Sep 28, 2023 4:19:23 PM By Stu Sjouwerman

Millions of business accounts on Facebook are the target of a new malware attack, which is seeing a success rate of 1 out of 70, causing concern for the security of corporate credentials.

New Threat Actor Impersonates the Red Cross to Deliver Malware

Sep 28, 2023 9:17:22 AM By Stu Sjouwerman

Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.

Exploring the DORA: Key Takeaways from the New EU Financial Sector Risk Regulation

Sep 28, 2023 8:00:00 AM By Stu Sjouwerman

When asked why he robbed banks, Willie Sutton, one of the first fugitives named to the U.S. FBI’s most wanted list, reportedly replied, “Because that’s where the money is.” As any infosec ...

Practical Insights To Improve Security Awareness in Higher Education

Sep 26, 2023 9:40:31 AM By Martin Kraemer

I am a strong believer that understanding cybersecurity as part of an organization-wide process is of the utmost importance.

Deepfakes: The Threat to Reality and How To Defend Against It

Sep 26, 2023 9:40:12 AM By Javvad Malik

Deepfakes have emerged as a serious concern in the digital landscape, presenting a significant threat to truth and trust.

Tools From Cybercrime Software Vendor W3LL Found to be Behind the Compromise of 56K Microsoft 365 Accounts

Sep 25, 2023 8:00:00 AM By Stu Sjouwerman

A new report uncovers the scope and sophistication found in just one cybercrime vendor’s business that has aided credential harvesting and impersonation attacks for the last 6 years.

MFA Defenses Fall Victim to New Phishing-As-A-Service Offerings

Sep 25, 2023 8:00:00 AM By Stu Sjouwerman

ZeroFox warns that phishing-as-a-service (PhaaS) offerings are increasingly including features to bypass multi-factor authentication.

Tighter Policies Mixed with Higher Costs Are Creating a Cyber Insurance Gap

Sep 20, 2023 4:40:42 PM By Stu Sjouwerman

New data on the state of cyber insurance shows that it’s becoming more difficult to get a policy, and the organizations obtaining one share that circumstances could cause denial of claims.

TikTok Impersonations of Elon Musk Scam Victims of Their Bitcoin

Sep 20, 2023 9:07:37 AM By Stu Sjouwerman

There’s been a surge of Elon Musk-themed cryptocurrency scams on TikTok, BleepingComputer reports. The scammers inform the victims that they can claim their reward after spending a small ...

Data Breach Costs Rise, But Cybersecurity Pros Still Take Risks

Sep 20, 2023 8:10:03 AM By Stu Sjouwerman

The latest data from IBM shows that the average cost of a data breach has gone up by 2% to a whopping $4.45 million. You would think that in the cybersecurity industry, people would be ...

The International Joint Commission Falls Victim to Ransomware Attack; 80GB Of Data Stolen

Sep 18, 2023 12:04:34 PM By Stu Sjouwerman

The International Joint Commission (ICJ), an organization that handles water issues along the Canada–United States border, was hit by a ransomware attack, the Register reports.

New Scam Impersonates QuickBooks to Steal Credentials, Extract Money

Sep 15, 2023 10:20:14 AM By Stu Sjouwerman

Establishing urgency through a false need to “upgrade” or lose services, this new attack takes advantage of the widespread use of the popular accounting app to attract victims.

Microsoft (Once Again) Tops the List of Most Impersonated Brands in 2023

Sep 15, 2023 10:19:58 AM By Stu Sjouwerman

Out of the over 350 brands regularly impersonated in phishing attacks, Microsoft continues to stand out because they provide attackers with one unique advantage over other brands.

Board Members' Lack of Security Awareness Puts Businesses at Risk of Cyber Attacks, Finds Savanti Report

Sep 15, 2023 10:19:45 AM By Stu Sjouwerman

A report from cybersecurity consultancy Savanti reveals that board members are facing challenges in understanding cyber risks, and this has important implications for businesses.

Can You Guess Common Phishing Themes in Southeast Asia?

Sep 13, 2023 9:07:52 AM By Stu Sjouwerman

Researchers at Cyfirma outline trends in phishing campaigns around the world, finding that Singapore is disproportionately targeted by phishing attacks.

AP Stylebook Data Breach Compromises Customer Personal Information

Sep 12, 2023 2:32:48 PM By Stu Sjouwerman

The Associated Press (AP) has disclosed a data breach affecting the legacy AP Stylebook website that led to phishing attacks against impacted customers, BleepingComputer reports.

Microsoft Teams Phishing Campaign Distributes DarkGate Malware

Sep 11, 2023 8:55:42 AM By Stu Sjouwerman

Researchers at Truesec are tracking a phishing campaign that’s distributing the DarkGate Loader malware via external Microsoft Teams messages.

New Telekopye Phishing Toolkit Uses Telegram-Based Bots To Turn Novice Scammers into Experts

Sep 8, 2023 8:13:13 AM By Stu Sjouwerman

The Telekopye toolkit allows scammers to create phishing websites, send fraudulent SMS messages and emails, and target popular Russian and non-Russian online marketplaces.

Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods

Sep 8, 2023 8:00:00 AM By Stu Sjouwerman

Inadequate authentication measures leave your digital identity vulnerable to cybercriminals. Tools like multi-factor authentication, biometrics, passwords, PINs and tokens are more ...

Nearly One-Quarter of Financial-Themed Spam Emails are Phishing Attacks

Sep 1, 2023 10:23:14 AM By Stu Sjouwerman

While spam tends to be dismissed as being more of an annoyance, new research shows that there is a very real and ever-present threat in emails that are marked as “spam”.

Security Awareness Training Blog

Cybersecurity Blog

View Topics