Security Awareness Training Blog

Hacking Blog

Hacking news about techniques cyberriminals use, how they (sometimes) get caught, the organizations that have been hacked and how it impacts their business.

Home Depot Hack Turns Into Criminal Negligence Scandal

Wait for the class-actions lawsuits to get unleashed. The lawyers are going to be over this one like white on rice. Ex-employees from the Home Depot IT technology group are now claiming ...
Continue Reading

Home Depot, Target Breaches Exploited Old WinXP Flaw

The massive security breaches and theft of credit card information at The Home Depot and Target have something in common. They were both allowed by a vulnerability in XP embedded that was ...
Continue Reading

Symantec: Crypto Ransomware Phishing Up 700 Percent in 2014

Very interesting data from Symantec. This is fresh from the press and shows Phishing, Spam and Malware trends. There is a PDF with a whole bunch more data, but these are the most relevant ...
Continue Reading

Is The Home Depot Hack Really Russian Retaliation?

Brian Krebs blogged: "Multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale this ...
Continue Reading

J.P. Morgan Hacked Because Malware Infects Employee PC

This morning, the Wall Street Journal reported on the front page that J.P. Morgan was hacked and suffered a cyberheist called "a significant breach of corporate computer security".
Continue Reading

Workers At U.S. Nuclear Regulator Fooled By Phishing

Antone Gonsalves at CSO reported something that worries me, and this SHOULD NOT BE at this day and age.
Continue Reading

Hacking Into Traffic Lights With a Plain Old Laptop Is Scary Simple

Gizmodo reported yesterday about a new study from the University of Michigan on the vulnerabilities of traffic lights which is shocking proof that we need to make some major changes, and ...
Continue Reading

Kevin Mitnick at Black Hat 2014

I was at Black Hat 2014, and Kevin Mitnick was also at at the show. He signed 700 books in a 3-hour span, whew! Here is the line that ran all the way back to the show floor. I took this ...
Continue Reading

Scam Of The Week: "For Sale: CyberVor False Sense Of Security"

Are the credentials of one of your users among the stash of the 1.2 billion stolen passwords? A small Internet security company will tell you for just a 120 bucks per year. Their ...
Continue Reading

Is Antivirus as Vulnerable as Any Other Product?

Joxean Koret, a security researcher from the Singapore-based Coseinc, using a "fuzzer" tool he built himself, found numerous remotely exploitable vulnerabilities in multiple antivirus ...
Continue Reading

New Cellphone Phishing Hack Pulls Data Out Of Computer Over Air

This is from a few weeks ago, and I only just got to it. Hackers can exfiltrate data via a cellphone and no longer need the Internet to invade and control a system, Ben Gurion University ...
Continue Reading

$440,000 Cyberheist Victim Now Needs To Pay Bank's Legal Fees

Talk about adding insult to injury. Brian Krebs has the update, he's been reporting on the legal gray area when cyber mafia steals hundreds of thousands out of a company's bank account. ...
Continue Reading

Elite Hackers Develop Cybercrime Attack Kits As Market Matures

Today, in the Wall Street Journal, an article told the story of a software product called blackshades that experts call a "rat" (Remote Access Trojan) which was commercially sold to cyber ...
Continue Reading

Malware Only Lives For A Few Hours

Rob Rachwald and Zheng Bu at FireEye came up with some interesting observations: "At FireEye, we look at hundreds of malware samples daily, and, in a recent talk at RSA Conference, Zheng ...
Continue Reading

Shocker Symantec Admits That Antivirus Is Dead

An article in the Wall Street Journal of May 5, 2014 summarized what I have been talking about these last few years. 25 years ago, Symantec was one of the first IT security companies to ...
Continue Reading

Verizon's New 2014 Data Breach Report: Summary

In IT, we are subject to help desk tickets and putting out fires. The problem with this is that most of these are short-term fixes. It is usually about last week's downtime, today's ...
Continue Reading

14 Things That Definitely Should Not Be On The Internet, But Are

You would think that after the recent few years of press showing the risks of the Internet that people would wise up. But no. To my astonishment it's getting worse, not better. Just have ...
Continue Reading

Hackers Used Spear Phishing Attack To Hack CNN Blogs

Security analysts at Intelligence firm InterCrawler published the details of the investigation on recent attack against CNN Blogs and social media accounts. Recently a few social media ...
Continue Reading

Which HackBusters Logo Do You Like Best?

You miss important IT security news because you aren’t subscribed to the right sources, or the relevant security news is snowed under simply because of the incredible volume. So KnowBe4 ...
Continue Reading

Dont Let Your C-Level Execs Wind Up At Capitol Hill Like This

Major U.S. retailers at Senate hearing: hackers have upper hand 
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews