Security Awareness Training Blog

IT Security Blog

Get the most current news about the IT Security industry, what the latest threats are and what that means to security professionals.

CyberheistNews Vol 3 #20

Latest Attack Trend: 'Persistent Spear Phishing'

Don't Get Hijacked On Social Media

John Mello over at Chief Security Magazine wrote today: "Online social networkers invite data marauders to compromise their accounts by choosing a convenient but risky option offered by ...

CyberheistNews Vol 3, # 19

Fraud-as-a-service Goes Mainstream

REVIEWS: Kevin Mitnick Home Internet Security Course

Now that the Kevin Mitnick Home Internet Security Course is released and commercially available we thought you might be interested in hearing what people tell us when we ask them what ...

Automated Twitter DM Spear Phishing

It was to be expected. Cyber criminals now are able to scrape your followers from Twitter, and send you a Direct Message (DM) supposedly coming from ...

The Problem With Our Security Models


Georgia Tech Researchers Try To Stop Spear-phishing

Georgia Tech correctly identified that the most challenging threat facing corporate networks today is “spear phishing.” “Spear phishing is the most popular way to get into a corporate ...

28 Percent of Data Breaches Lead to Fraud


Cyberwar? Time To Calm Down A Bit

The media has a field day with this whole China / Mandiant report, but there are a few issues being confused here. It's all good and well to make the public aware of the fact that ...

Security firms slow to react to spear phishing like that used in China hack

Antone Gonsalves at the CSO site hits the nail on the head: "Email security vendors have failed to do enough to protect customers against advanced cyberattacks like the one recently linked ...

Which Antivirus Has The Best Phishing Protection? Surprise!

I ran across some very interesting research recently done by NSS Labs. They compared twelve of the most popular antivirus engines, they call them endpoint protection products (EPP) and ...

New CyberSec Executive Order IT Impact Zero

Last Tuesday, the White House issued the long awaited CyberSec Executive Order, which makes an attempt to outline policies that will protect US organizations against cyber-attacks and ...

Cyber Bullying

KnowBe4 is a market leader in security awareness training for employees in an office environment. However, when we asked people who finished the training what they thought, they said they ...

Feb SANS Monthly Awareness Video

You may be familiar with our friends at SANS. For their 'Securing The Human' team, every month is security awareness month, same as here at KnowBe4. On the first of every month they post ...

IT security equals job security

Did you ever expect that our IT networks would be a worldwide battleground for highly sophisticated cyber warfare? IT security certainly will provide job security for the next decade or ...

DHS disable your Plug And Play

Today, Jan 29 2013, the Department of Homeland Security advises computer users to disable Universal Plug and Play (UPnP), after researchers at Rapid7 alerted DHS that hackers could ...

Most Common Motivations Behind DDoS Attacks

Arbor Networks' Worldwide Infrastructure Security Report (WISR) shows that ideology is the primary attack motivation, followed by online gaming and vandalism. Click on the graphic to go to ...

Fake Apple Invoices

Internet criminals are getting more and more inventive with their social engineering attacks. Here are two examples of fake Apple invoices. The first is an example from the Sophos blog ...

Upper Management Often Ignores IT Security Policy

Over the years I have had a nagging suspicion that only today was confirmed. I ran into a study done last year by a company called Cryptzone who interviewed 300 IT Security ...
