Security Awareness Training Blog

Cybersecurity Blog

Get the latest news in cybersecurity with in-depth coverage and analysis of current statiistics, developments and how to stay ahead of current threats.

Get Ready: International Fraud Awareness Week

November 12-18, 2023 is International Fraud Awareness Week and I know what you are thinking: “Didn’t we just have an entire month dedicated to cyber fraud and cybersecurity in general?” ...
Continue Reading

74% of CEOs Concerned About Their Organization's Ability to Protect Against Cyber Attacks, Despite Seeing Cybersecurity as Critical

According to the recent The Cyber-Resilient CEO report released by IT services and consulting agency Accenture, a staggering 74% of CEOs have expressed concerns about their organizations' ...
Continue Reading

New Gartner Forecast Shows Global Security and Risk Management Spending to Increase by 14% in 2024

Gartner issued a press release that forecasted global security and risk management end-user spending to reach $188.1 billion, along with worldwide end-user spending on security and risk ...
Continue Reading

Generative AI and the Automation of Social Engineering Increasingly Used By Threat Actors

Threat actors continue to use generative AI tools to craft convincing social engineering attacks, according to Glory Kaburu at Cryptopolitan.
Continue Reading

Lazarus Attack on Spanish Aerospace Company Started with Messages from Phony Meta Recruiters

A recent attack on an undisclosed Spanish aerospace company all started with messages to the company's employees that appeared to be coming from Meta recruiters, via LinkedIn Messaging. ...
Continue Reading

Security Awareness Is Dead. Long Live Security Awareness

Our actions determine outcomes, not our thoughts, our knowledge, or our intentions.
Continue Reading

Threat Group UNC3944 Continues to See Success Using Text-Based Social Engineering

A new update on UNC3944 group's activities shows how they are evolving their focus squarely on SMiShing credential harvesting attacks that result in data theft/extortion attacks.
Continue Reading

Facebook Messenger Becomes the Delivery Mechanism for Infostealer Malware Attack

Millions of business accounts on Facebook are the target of a new malware attack, which is seeing a success rate of 1 out of 70, causing concern for the security of corporate credentials.
Continue Reading

New Threat Actor Impersonates the Red Cross to Deliver Malware

Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.
Continue Reading

Exploring the DORA: Key Takeaways from the New EU Financial Sector Risk Regulation

When asked why he robbed banks, Willie Sutton, one of the first fugitives named to the U.S. FBI’s most wanted list, reportedly replied, “Because that’s where the money is.” As any infosec ...
Continue Reading

Practical Insights To Improve Security Awareness in Higher Education

I am a strong believer that understanding cybersecurity as part of an organization-wide process is of the utmost importance.
Continue Reading

Deepfakes: The Threat to Reality and How To Defend Against It

Deepfakes have emerged as a serious concern in the digital landscape, presenting a significant threat to truth and trust.
Continue Reading

Tools From Cybercrime Software Vendor W3LL Found to be Behind the Compromise of 56K Microsoft 365 Accounts

A new report uncovers the scope and sophistication found in just one cybercrime vendor’s business that has aided credential harvesting and impersonation attacks for the last 6 years.
Continue Reading

MFA Defenses Fall Victim to New Phishing-As-A-Service Offerings

ZeroFox warns that phishing-as-a-service (PhaaS) offerings are increasingly including features to bypass multi-factor authentication.
Continue Reading

Tighter Policies Mixed with Higher Costs Are Creating a Cyber Insurance Gap

New data on the state of cyber insurance shows that it’s becoming more difficult to get a policy, and the organizations obtaining one share that circumstances could cause denial of claims.
Continue Reading

TikTok Impersonations of Elon Musk Scam Victims of Their Bitcoin

There’s been a surge of Elon Musk-themed cryptocurrency scams on TikTok, BleepingComputer reports. The scammers inform the victims that they can claim their reward after spending a small ...
Continue Reading

Data Breach Costs Rise, But Cybersecurity Pros Still Take Risks

The latest data from IBM shows that the average cost of a data breach has gone up by 2% to a whopping $4.45 million. You would think that in the cybersecurity industry, people would be ...
Continue Reading

The International Joint Commission Falls Victim to Ransomware Attack; 80GB Of Data Stolen

The International Joint Commission (ICJ), an organization that handles water issues along the Canada–United States border, was hit by a ransomware attack, the Register reports.
Continue Reading

New Scam Impersonates QuickBooks to Steal Credentials, Extract Money

Establishing urgency through a false need to “upgrade” or lose services, this new attack takes advantage of the widespread use of the popular accounting app to attract victims.
Continue Reading

Microsoft (Once Again) Tops the List of Most Impersonated Brands in 2023

Out of the over 350 brands regularly impersonated in phishing attacks, Microsoft continues to stand out because they provide attackers with one unique advantage over other brands.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews