Security Awareness Training Blog

IT Security Blog

Get the most current news about the IT Security industry, what the latest threats are and what that means to security professionals.

INFOGRAPHIC: The Illusion of Personal Data Security in E-Commerce

Dashlane’s first quarterly Personal Data Security Roundup was released recently. The roundup takes a look at password policies of the top 100 e-commerce sites, and the results are ...

What Is The Deep Web 101

Pierluigi Paganini wrote a great blog post today. The Deep Web (or Invisible Web) is all the information on the World Wide Web not reported by normal search engines. It's HUGE. According ...

December 2013: 1 in 164 emails infected with some malware

Symantec's Intelligence Report for December 2013 is out. To no one's surprise, the rate of infected emails increased dramatically last quarter; it looked like this

PCI DSS 3.0 Compliance – What’s New? An Infographic…

Last month, the PCI Security Standards Council (PCI SSC) officially released the v3.0 compliance standards, but it will take some time before everyone involved (merchants, service ...

Consider security training before high-end technology

ComputerWeekly.com's "Security Think Tank" section has an opinion piece by Mike Gillespie that's right out of the KnowBe4 playbook.

Windows Crash Reports Let NSA Spy On People


History Repeats Itself And IT Security Suffers


Interesting info on phishing and social engineering on 60 Minutes

Last weekend, 60 Minutes had a special about the NSA which spoke out on Snowden and spying. The headline was: "The NSA gives unprecedented access to the agency's HQ and, for the first ...

Your AntiVirus Does Not See NSA's Botnet

The revelations are getting wilder by the week. The NSA has its own botnet: they infected more than 50,000 computer networks worldwide with malicious software designed to steal sensitive ...

5 Easy Steps To Create Strong Passwords

First, some Hints and Tips:
* Keep your passwords private – never share a password with anyone else.
* Do not write down your passwords.
* Use ...

A Serious Legal Liability: Bad or No Security Awareness Training

Please read this article and then forward it to the head of your legal department or the person in your organization who is responsible for compliance. Recently, the Department of Health ...

What's Next for IT Debate #3 Does Infrastructure Really Matter?

You can see and hear me September 17th at 1pm, 10am PT. The subject is: "Does Infrastructure Really Matter -- What clients don't know can hurt them"

April 8, 2014: WinXPGeddon

If you still run Windows XP in April 2014, you've got a time bomb on your hands if that system is still connected to the Internet. Stand-alone systems are a bit less of a risk.

Spear-phishing attackers vandalize CNN, TIME and Wash Post

You would think that by now journalists and people in media and advertising would be on the alert for social engineering red flags. But no. Syrian hacktivists sent a spear-phishing attack ...

Liberty and Security - it's not an either/or choice

My good friend Mac Graham just sent me this article that I think is thoughtful, balanced and provides a very interesting solution for this "Liberty versus Security" problem. (Full ...

Congressional Aides Targeted By Spear-phishing Attacks


The One Security Technology That Actually Works: Application Control

On July 16, 2013, Roger Grimes wrote an article in InfoWorld that was straight out of my mind. He said: "Antivirus, perimeter defense, and network monitoring are jokes. But whitelisting ...

System Administrator Appreciation Day Is Coming Soon!

I wanted to make sure everyone was aware of an important, upcoming holiday. No, it is not the 4th of July (although that is almost here, too)... it's System Administrator Appreciation ...

POLL: "YOU are in IT. Is it OK what the NSA is doing?"

A new Washington Post-Pew Research Center poll asked Americans if they consider the NSA's practice of obtaining telephone calls and email through secret court orders "acceptable." As the ...

The Seven Deadly Social Engineering Vices

(updated June 17, 2015) You may not be aware that there is a scale of seven deadly vices connected to social engineering. The deadliest social engineering attacks are the ones that have ...