Security Awareness Training Blog

Hacking Blog

Hacking news about techniques cyberriminals use, how they (sometimes) get caught, the organizations that have been hacked and how it impacts their business.

J.P. Morgan Hacked Because Malware Infects Employee PC

This morning, the Wall Street Journal reported on the front page that J.P. Morgan was hacked and suffered a cyberheist called "a significant breach of corporate computer security".
Continue Reading

Workers At U.S. Nuclear Regulator Fooled By Phishing

Antone Gonsalves at CSO reported something that worries me, and this SHOULD NOT BE at this day and age.
Continue Reading

Hacking Into Traffic Lights With a Plain Old Laptop Is Scary Simple

Gizmodo reported yesterday about a new study from the University of Michigan on the vulnerabilities of traffic lights which is shocking proof that we need to make some major changes, and ...
Continue Reading

Kevin Mitnick at Black Hat 2014

I was at Black Hat 2014, and Kevin Mitnick was also at at the show. He signed 700 books in a 3-hour span, whew! Here is the line that ran all the way back to the show floor. I took this ...
Continue Reading

Scam Of The Week: "For Sale: CyberVor False Sense Of Security"

Are the credentials of one of your users among the stash of the 1.2 billion stolen passwords? A small Internet security company will tell you for just a 120 bucks per year. Their ...
Continue Reading

Is Antivirus as Vulnerable as Any Other Product?

Joxean Koret, a security researcher from the Singapore-based Coseinc, using a "fuzzer" tool he built himself, found numerous remotely exploitable vulnerabilities in multiple antivirus ...
Continue Reading

New Cellphone Phishing Hack Pulls Data Out Of Computer Over Air

This is from a few weeks ago, and I only just got to it. Hackers can exfiltrate data via a cellphone and no longer need the Internet to invade and control a system, Ben Gurion University ...
Continue Reading

$440,000 Cyberheist Victim Now Needs To Pay Bank's Legal Fees

Talk about adding insult to injury. Brian Krebs has the update, he's been reporting on the legal gray area when cyber mafia steals hundreds of thousands out of a company's bank account. ...
Continue Reading

Elite Hackers Develop Cybercrime Attack Kits As Market Matures

Today, in the Wall Street Journal, an article told the story of a software product called blackshades that experts call a "rat" (Remote Access Trojan) which was commercially sold to cyber ...
Continue Reading

Malware Only Lives For A Few Hours

Rob Rachwald and Zheng Bu at FireEye came up with some interesting observations: "At FireEye, we look at hundreds of malware samples daily, and, in a recent talk at RSA Conference, Zheng ...
Continue Reading

Shocker Symantec Admits That Antivirus Is Dead

An article in the Wall Street Journal of May 5, 2014 summarized what I have been talking about these last few years. 25 years ago, Symantec was one of the first IT security companies to ...
Continue Reading

Verizon's New 2014 Data Breach Report: Summary

In IT, we are subject to help desk tickets and putting out fires. The problem with this is that most of these are short-term fixes. It is usually about last week's downtime, today's ...
Continue Reading

14 Things That Definitely Should Not Be On The Internet, But Are

You would think that after the recent few years of press showing the risks of the Internet that people would wise up. But no. To my astonishment it's getting worse, not better. Just have ...
Continue Reading

Hackers Used Spear Phishing Attack To Hack CNN Blogs

Security analysts at Intelligence firm InterCrawler published the details of the investigation on recent attack against CNN Blogs and social media accounts. Recently a few social media ...
Continue Reading

Which HackBusters Logo Do You Like Best?

You miss important IT security news because you aren’t subscribed to the right sources, or the relevant security news is snowed under simply because of the incredible volume. So KnowBe4 ...
Continue Reading

Yahoo Email Hacked

Yahoo warned yesterday that unknown attackers have attempted to access a number of Yahoo Mail accounts, and urged users to change their passwords even if they haven't been affected. Jay ...
Continue Reading

The History Of Hacking In 5 Minutes For Dummies

What do you do when you need to explain the history of hacking to a busy non-technical manager in five minutes or less? Here is an attempt to make this extremely complex subject into a ...
Continue Reading

Even the tech-savvy get their accounts hacked...

By Steve Ragan , Staff Writer at CSO wrote: "October 22, 2013 — The millennial generation, those of us who were born and raised alongside the Internet, should be wise enough to avoid ...
Continue Reading

New Cybercrime-as-a-Service: Unethical Pen-testing

I have talked about this a few times before, there is a well-developed $3 Billion underground economy specialized in cybercrime. Here is an example of a "promising" new criminal DIY ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews