Legitimate Services, but still Hook, Line, and Sinker

Sep 8, 2020 7:03:00 AM By Stu Sjouwerman

A malware distribution campaign is abusing organizations’ contact forms to send malicious emails designed to catch the attention of companies’ customer support personnel. The attackers ...

Organizations Aren’t Prepared to Recover from Cyberattacks on Active Directory

Sep 2, 2020 8:26:55 AM By Stu Sjouwerman

Cybercriminals are increasingly leveraging Active Directory to spread malware and even hold the organization for ransom. New data suggests you’re nowhere near ready for it.

QBot is Back With New Phishing Tricks

Aug 31, 2020 8:22:24 AM By Stu Sjouwerman

Researchers at Check Point warn that the QBot banking Trojan now has the ability to hijack email threads on infected devices and send malicious emails to the victim’s contacts. The ...

Watch Out! Cybersecurity and Infrastructure Security Agency Warn of New VBA Attack Designed to Deploy KONNI Remote Administration Tool

Aug 25, 2020 10:42:10 AM By Stu Sjouwerman

A new alert from CISA outlines just how dangerous and intrusive the KONNI malware is in organizations that fall for phishing attacks using Word attachments with malicious VBA code.

FakeSpy Android Malware Distributed via Smishing

Jul 7, 2020 8:29:13 AM By Stu Sjouwerman

Researchers at Cybereason are tracking a sophisticated malware campaign targeting Android devices around the world. The campaign involves a new version of the FakeSpy information-stealing ...

New Phishing Attack Targets 200M+ Microsoft 365 Accounts Via Malicious Excel .SLK Files to Bypass Security

Jul 6, 2020 3:10:03 PM By Stu Sjouwerman

Using an old (but supported) Excel filetype, attackers can bypass both Exchange Online Protection and Advanced Threat Protection to run malicious macros.

[Heads Up] A New Devilish Malware Worm Called Lucifer Is Targeting Your Windows Workstations

Jun 25, 2020 10:31:51 AM By Stu Sjouwerman

Palo Alto Networks’ Unit 42 Security experts have identified a malware worm called Lucifer, that targets Windows systems with cryptojacking and distributed denial-of-service (DDoS) ...

Why BEC Punches Above Its Weight

Jun 9, 2020 8:27:09 AM By Stu Sjouwerman

Business email compromise (BEC) attacks are particularly insidious because they don’t use malware payloads or malicious URLs. That’s a reminder from Evan Reiser, CEO and co-founder of ...

Fake Zoom Downloader is the Latest Method of Attack on Remote Workers

May 7, 2020 10:33:08 AM By Stu Sjouwerman

Riding on the coattails of the massive rise in popularity in the video conference solution, remote workers new to Zoom need to be wary of where they download the installer.

Implausible Phishbait, But Someone May Bite

May 6, 2020 8:24:27 AM By Stu Sjouwerman

Scammers are impersonating FINRA, the Financial Industry Regulatory Authority, in an attempt to deliver malware or steal SharePoint credentials, Help Net Security reports. FINRA issued an ...

New COVID-19 Malware Variants Render Your Endpoints Useless

Apr 20, 2020 8:37:09 AM By Stu Sjouwerman

Forget cybercriminals out to steal your money and credentials. Security researchers are now finding more malware intent on rewriting master boot records and wiping file systems.

Zeus Sphinx Banking Trojan is Revived Under the Guise of COVID-19 Assistance

Apr 20, 2020 8:29:26 AM By Stu Sjouwerman

The 5-year old malware variant has reared its ugly head once again after a three-year hiatus – this time attempting to take advantage of the need for COVID-19 financial assistance.

NASA sees an “exponential” jump in malware attacks as personnel work from home

Apr 8, 2020 8:53:01 AM By Stu Sjouwerman

Ars Technica reports that NASA has experienced an exponential increase in malware attacks and a doubling of agency devices trying to access malicious sites in the past few days as ...

Hackers Use Interactive Malicious COVID-19 Map to Spread Malware

Mar 14, 2020 10:44:24 AM By Stu Sjouwerman

Cybercriminals constantly latch on to news items that captivate the public’s attention, but usually they do so by sensationalizing the topic or spreading misinformation about it. ...

Racoon: Infostealer Malware Collects Credentials, Financial and Personal Information

Mar 3, 2020 8:32:40 AM By Stu Sjouwerman

Access to a compromised endpoint may no longer be enough. So, enterprising malware authors offer up infostealers to help exfiltrate valuable data from an infected machine.

Catphish and Honey Traps

Feb 19, 2020 8:25:28 AM By Stu Sjouwerman

Hundreds of Israeli soldiers had their phones compromised by malware after falling for catfishing attacks purportedly launched by Hamas, Forbes reports. The Israel Defense Forces (IDF) ...

Emotet-Based Sextortion Scams Net 10 Times More than Necurs-Based Scams

Feb 17, 2020 8:28:40 AM By Stu Sjouwerman

The Emotet trojan just won’t die and appears to be gaining steam as sextortion scams are netting cybercriminals a massive return in exchange for their devious efforts.

Scam Of The Week: "Kobe Bryant Dead, Dies in Helicopter Crash"

Jan 26, 2020 4:29:02 PM By Stu Sjouwerman

Today, news broke that Kobe Bryant died in a helicopter crash. His daughter Gigi was also on board and died in the crash. This is a celebrity death that the bad guys are going to be ...

TrickBot Hackers Have Created the Ultimate “On the Fly” Update Backdoor

Jan 15, 2020 3:06:26 PM By Stu Sjouwerman

The newly-created “PowerTrick” backdoor leaves malware ready to accept new commands and victim organizations perpetually in danger of the next thing the malware’s creators can think of.

[Heads Up] Iran Has Launched Evil New Malware That Wipes Your Windows Workstations

Dec 5, 2019 8:16:15 AM By Stu Sjouwerman

Zak Doffman posted: "Iran’s state-sponsored hackers have deployed a new strain of malicious malware, warns IBM, which has been aimed at the “industrial and energy sectors” in the Middle ...

Security Awareness Training Blog

Malware Blog

View Topics

Legitimate Services, but still Hook, Line, and Sinker

Organizations Aren’t Prepared to Recover from Cyberattacks on Active Directory

QBot is Back With New Phishing Tricks

Watch Out! Cybersecurity and Infrastructure Security Agency Warn of New VBA Attack Designed to Deploy KONNI Remote Administration Tool

FakeSpy Android Malware Distributed via Smishing

New Phishing Attack Targets 200M+ Microsoft 365 Accounts Via Malicious Excel .SLK Files to Bypass Security

[Heads Up] A New Devilish Malware Worm Called Lucifer Is Targeting Your Windows Workstations

Why BEC Punches Above Its Weight

Fake Zoom Downloader is the Latest Method of Attack on Remote Workers

Implausible Phishbait, But Someone May Bite

New COVID-19 Malware Variants Render Your Endpoints Useless

Zeus Sphinx Banking Trojan is Revived Under the Guise of COVID-19 Assistance

NASA sees an “exponential” jump in malware attacks as personnel work from home

Hackers Use Interactive Malicious COVID-19 Map to Spread Malware

Racoon: Infostealer Malware Collects Credentials, Financial and Personal Information

Catphish and Honey Traps

Emotet-Based Sextortion Scams Net 10 Times More than Necurs-Based Scams

Scam Of The Week: "Kobe Bryant Dead, Dies in Helicopter Crash"

TrickBot Hackers Have Created the Ultimate “On the Fly” Update Backdoor

[Heads Up] Iran Has Launched Evil New Malware That Wipes Your Windows Workstations

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search