Security Awareness Training Blog

IT Security Blog

Get the most current news about the IT Security industry, what the latest threats are and what that means to security professionals.

Court Ruling Could Be Boon to Cyberheist Victims

[caption id="" align="alignleft" width="310" caption="Court Ruling Boon To Cyberheist Victims"][/caption] BrianKrebs reported some very good news. A decision handed down by a federal ...
Continue Reading

Cybercriminals Sniff Out Vulnerable Firms

[caption id="" align="aligncenter" width="560" caption="Small Firms Cyberheist Victims"][/caption] I could have written this headline myself. But I didn't, it was Sarah Needleman at the ...
Continue Reading

Training Fragmentation Causes Knowledge Gap

[caption id="" align="alignleft" width="350" caption="Training Fragmentation"][/caption] More and more, you see training companies promote their security awareness training products as ...
Continue Reading

FBI: High-tech Espionage Costs 13 Billlion

Michael Cooney over at NetworkWorld came up with a number: 13. "Driven by the general ease of stealing electronically stored data and the reality of growing global businesses, US ...
Continue Reading

Scam Of The Week Payroll Phish

[caption id="" align="aligncenter" width="500" caption="Payroll Phish"][/caption] The nakedsecurity blog over at Sophos highlighted a new phishing scam that would be good to alert your ...
Continue Reading

Malware Metastasizes

[caption id="" align="alignleft" width="230" caption="Malware Metastasizes"][/caption] A few days ago I wrote about a 60 million Euro cyberheist. I have been digging into this a bit more, ...
Continue Reading

Bank Settles With California Cyberheist Victim

[caption id="" align="alignleft" width="300" caption="Bank Settles With Cyberheist Victim"][/caption] Finally, a positive outcome in a cyberheist lawsuit. Brian Krebs reported that a ...
Continue Reading

60 Million Euro Stolen In Biggest Cyberheist Ever

[caption id="" align="alignleft" width="390" caption="60 million Cyberheist"][/caption] This is exactly what I have been warning against in my book cyberheist. McAfee and Guardian ...
Continue Reading

Need to protect a critical machine? Use Whitelisting, not Antivirus

[caption id="" align="alignleft" width="290" caption="2002 Good vs. Bad"][/caption] And now a mainstream antivirus vendor is saying this too. First of all, I have no dog in this fight, ...
Continue Reading

OMG - I did not know it was THIS horrible.

[caption id="" align="alignleft" width="290" caption="Top malware email attacks in past 30 days. Source: UAB"][/caption] More from Brian Krebs's astounding blog post today. "As the chart ...
Continue Reading

Microsoft : "Civilian casualties inevitable in government cyber war"

Alastair Stevenson at the V3 site quoted Microsoft: "Cyber attacks such as Duqu, Stuxnet and Flame will inevitably hurt private companies and innocent people as well as governments, ...
Continue Reading

Kevin Mitnick Partners With KnowBe4

[caption id="" align="alignleft" width="225" caption="Kevin Mitnick"][/caption] Kevin Mitnick Partners With KnowBe4 Kevin Mitnick, at One Time the World's Most-Wanted Hacker, Joins Forces ...
Continue Reading

Retelling a Password Nightmare in the Wake of the LinkedIn Password Leak

Alan Shimel tell us an enlightening and cautionary tale how his password was hijacked and how much time it took him to get it all back under control. This is a warmly recommended read ...
Continue Reading

Why antivirus companies failed to catch Flame and Stuxnet

Arstechnica picked up the blog post of F-Secure's Chief Research Officer: A/V outfits were out of their league. Mikko Hypponen is the Chief Research Officer of F-Secure. He has been ...
Continue Reading

Apple Releases Guide To iOS Security

Techcrunch wrote: "Apple has introduced a guide to iOS security, which was posted to Apple.com sometime in late May, but is just now being noticed outside the Apple developer community. ...
Continue Reading

Microsoft releases 'Anti-Flame' Update

Redmond stated: "We recently became aware of a complex piece of targeted malware known as “Flame” and immediately began examining the issue. As many reports assert, Flame has been used in ...
Continue Reading

Free Data Loss Prevention Suite

OpenDLP is a free and open source, agent- and agentless-based, centrally-managed, massively distributable data loss prevention tool released under the GPL. Given appropriate Windows, ...
Continue Reading

Over-55s Pick Passwords Twice As Secure As Teenagers

"People over the age of 55 pick passwords double the strength of those chosen by people under 25 years old. That's according to the largest ever study of password security, which also ...
Continue Reading

Malicious PowerPoint File Contains Exploit, Drops Backdoor

TrendLabs discovered a malicious MS PowerPoint document that arrives attached to email messages. The file contains an embedded Flash file, which exploits a software bug found in specific ...
Continue Reading

Aaaugh! 1 in 5 U.S. Windows PCs Lack Antivirus Defenses

Un-friggin-believable but true. Don't be one of them! Gregg Keizer at ComputerWorld was the first with this story. "Nearly a fifth of Windows PCs in the U.S. lack any active security ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews