Security Awareness Training Blog

Hacking Blog

Hacking news about techniques cyberriminals use, how they (sometimes) get caught, the organizations that have been hacked and how it impacts their business.

How Did Russians Hack The White House?

The White House told the press this week that its Executive Office of the President (EOP) network was hacked a few weeks ago, and pooh poohed the data breach by pointing out that it was ...
Continue Reading

What's -Really- The #1 Hot Security Topic?

There is an enormous amount of noise in the security space, so how do you know what people really talk about and think is the most important topic? Well, we created the Hackbusters site ...
Continue Reading

Survey Finds Half of Holiday Shoppers Will Avoid Hacked Stores

Huffington Post Survey: "As another holiday shopping frenzy nears, a new survey suggests that many consumers plan to avoid the growing number of retailers that have been hacked.
Continue Reading

Russian Cybercrime Rakes In $2.5 Billion These Last 12 Months

There is a Russian outfit called Group-IB. They released a report October 15th which goes into great detail on how Russian cybercrime makes its money. The picture is not pretty but very ...
Continue Reading

The Snappening - Snapchat naked selfies have leaked - but how?

Snapchat is supposed to not keep pictures and basically delete ("self-destruct") any pictures automatically. The ghostly cloud service itself was not hacked, but many megabytes of saved ...
Continue Reading

I was just interviewed on TV about the JP Morgan Hack

Tampa TV station 10News WTSP interviewed me about the JP Morgan Hack. You can see the short clip here:
Continue Reading

Home Depot Hack Turns Into Criminal Negligence Scandal

Wait for the class-actions lawsuits to get unleashed. The lawyers are going to be over this one like white on rice. Ex-employees from the Home Depot IT technology group are now claiming ...
Continue Reading

Home Depot, Target Breaches Exploited Old WinXP Flaw

The massive security breaches and theft of credit card information at The Home Depot and Target have something in common. They were both allowed by a vulnerability in XP embedded that was ...
Continue Reading

Symantec: Crypto Ransomware Phishing Up 700 Percent in 2014

Very interesting data from Symantec. This is fresh from the press and shows Phishing, Spam and Malware trends. There is a PDF with a whole bunch more data, but these are the most relevant ...
Continue Reading

Is The Home Depot Hack Really Russian Retaliation?

Brian Krebs blogged: "Multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale this ...
Continue Reading

J.P. Morgan Hacked Because Malware Infects Employee PC

This morning, the Wall Street Journal reported on the front page that J.P. Morgan was hacked and suffered a cyberheist called "a significant breach of corporate computer security".
Continue Reading

Workers At U.S. Nuclear Regulator Fooled By Phishing

Antone Gonsalves at CSO reported something that worries me, and this SHOULD NOT BE at this day and age.
Continue Reading

Hacking Into Traffic Lights With a Plain Old Laptop Is Scary Simple

Gizmodo reported yesterday about a new study from the University of Michigan on the vulnerabilities of traffic lights which is shocking proof that we need to make some major changes, and ...
Continue Reading

Kevin Mitnick at Black Hat 2014

I was at Black Hat 2014, and Kevin Mitnick was also at at the show. He signed 700 books in a 3-hour span, whew! Here is the line that ran all the way back to the show floor. I took this ...
Continue Reading

Scam Of The Week: "For Sale: CyberVor False Sense Of Security"

Are the credentials of one of your users among the stash of the 1.2 billion stolen passwords? A small Internet security company will tell you for just a 120 bucks per year. Their ...
Continue Reading

Is Antivirus as Vulnerable as Any Other Product?

Joxean Koret, a security researcher from the Singapore-based Coseinc, using a "fuzzer" tool he built himself, found numerous remotely exploitable vulnerabilities in multiple antivirus ...
Continue Reading

New Cellphone Phishing Hack Pulls Data Out Of Computer Over Air

This is from a few weeks ago, and I only just got to it. Hackers can exfiltrate data via a cellphone and no longer need the Internet to invade and control a system, Ben Gurion University ...
Continue Reading

$440,000 Cyberheist Victim Now Needs To Pay Bank's Legal Fees

Talk about adding insult to injury. Brian Krebs has the update, he's been reporting on the legal gray area when cyber mafia steals hundreds of thousands out of a company's bank account. ...
Continue Reading

Elite Hackers Develop Cybercrime Attack Kits As Market Matures

Today, in the Wall Street Journal, an article told the story of a software product called blackshades that experts call a "rat" (Remote Access Trojan) which was commercially sold to cyber ...
Continue Reading

Malware Only Lives For A Few Hours

Rob Rachwald and Zheng Bu at FireEye came up with some interesting observations: "At FireEye, we look at hundreds of malware samples daily, and, in a recent talk at RSA Conference, Zheng ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews