Security Awareness Training Blog

Cybersecurity Blog

Get the latest news in cybersecurity with in-depth coverage and analysis of current statiistics, developments and how to stay ahead of current threats.

The three ‘B’s’ of cybersecurity for small businesses

I just found a great article by Scott Shackelford, Associate Professor of Business Law and Ethics; Director, Ostrom Workshop Program on Cybersecurity and Internet Governance; ...
Continue Reading

[ALERT] You Want To Fix This MS-Word 0-day Threat Today

Monday night, researchers at Proofpoint sounded the alarm about a critical 0-day threat known as CVE-2017-0199 in Microsoft Word that allowed booby-trapped Dridex phishing attacks be sent ...
Continue Reading

Hourly Cost of Security Downtime Survey - Win $500 Amazon Cert

KnowBe4 and ITIC’s joint 2013-2014 Hourly Cost of Security Downtime Survey is live! The survey polls organizations on the cost of hourly downtime associated with security outages as well ...
Continue Reading

IT Security Is Broken Bad

With the TV show Breaking Bad in its last season, this seems to be a fun title. However, the topic is not all that much fun. You should realize it's not a question of when you will be ...
Continue Reading

Forbes: IT Security Industry To Expand Tenfold

Richard Stiennon, Forbes contributor makes a stunning prediction. He claims that most organizations have woefully underspent for IT Security and now that governments around the world have ...
Continue Reading

91% of cyberattacks begin with spear phishing email

Antony Savvas at Computerworld UK had a good write-up about this quite interesting news: "Some 91% of cyberattacks begin with a "spear phishing" email, according to research from security ...
Continue Reading

$345,000 Cyberheist Settles After Three Years Dispute

Patco Consulting was one of the first companies to seek protection via the courts after more than half a million dollars was stolen out of their bank via an account takeover by eastern ...
Continue Reading

One phishing email exposes millions of people to data theft in South Carolina cyberattack

NBC News reported: COLUMBIA, S.C. -- A single malicious email sent to workers at the South Carolina Department of Revenue last August enabled an international hacker to crack into state ...
Continue Reading

VCs Validate Security Awareness Training

I am very encouraged to see our friends at PhishMe getting 2.5 Million in Venture money to expand their business. With this new investment, Christopher Steed, Vice President at Paladin ...
Continue Reading

Alarming number of merchants unaware of PCI DSS

Help Net Security had the story: The last four years have been marked by continued growth in small business data compromise, yet small business owners are still missing the point of the ...
Continue Reading

How a Coca-Cola Exec Fell for a Hacker's E-mail Trick

In the annals of what-was-I-thinking moments in computer security, this has to be one of the most gobsmacking. According to a Bloomberg News investigation of a series of undisclosed ...
Continue Reading

7 shortcuts To Get Your Network Hacked Final Results

[caption id="" align="aligncenter" width="700"] Shortcuts To Get Hacked[/caption] October 30, 2012 we asked system administators: "In your opinion, what are the most gruesome errors a ...
Continue Reading

Top 5 Spear-Phishing Attacks Targeting Executives

Twice a year, KnowBe4 publishes the Top 5 spear-phishing attacks that are used to lure executives into clicking on links or open infected attachments. We recommend sending this list to ...
Continue Reading

The TOP 10 BYOD Gotchas

Did you know? On any given day across the globe, the number of iPhones sold will exceed the number of babies born (378,000 to 371,000) The problem is that mobile device security has not ...
Continue Reading

Researcher Warns 'Zombie Browsers' Are Skyrocketing

Ellen Messmer at Network World covered this one: "Some Web browsers can be tricked into using so-called "malicious extensions" that can give hackers the ability to hijack the user's ...
Continue Reading

2013 Security Awareness Training Survey

I just recevied some interesting information. SearchSecurity.com surveyed IT professionals about their end-user security training purchase intentions for 2013. The numbers are revealing. ...
Continue Reading

Why We Are Doing This

Some of you might remember Sunbelt Software, which from 1996 to 2010 sold system admin and security tools for Windows Server. I am one of the two co-founders of Sunbelt. After ...
Continue Reading

Cybergeddon - New Web Series Sponsored By Symantec

[caption id="Cybergeddon" align="aligncenter" width="570"]Missy Peregrym in the Yahoo Web series Cybergeddon Still from Cyberteddon © Yahoo. All rights reserved.[/caption] Not sure how I ...
Continue Reading

Fake Amex ID Verification

[caption id="" align="alignleft" width="260" caption="Fake Amex ID Verification"][/caption] OK, here is another one to warn everyone about, especially the employees that have a ...
Continue Reading

Spot the security "no-no"

[caption id="" align="alignleft" width="260" caption="Spot the security "no-no""][/caption] Wow, talk about a TV interview that contains a massive vulnerability. We think this is a press ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews