Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

[Heads Up] The REvil Ransomware Gang Is Now *Auctioning Off* Their Victim Data

Intrepid investigative Reporter Brian Krebs had the news first. "The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies ...
Continue Reading

How Low Will Cybercriminals Go?

Surely Bond villains only exist in movies -- I mean people aren’t truly evil are they? Especially ones who sit behind a computer. This was part of a discussion I was having with my ...
Continue Reading

Prepare Your Organization to Work From Home More Securely With Ridiculously Easy Security Awareness Training and Phishing

Join us for a live demo on Security Awareness Training and phishing in action!
Continue Reading

Human Performance as a Risk Factor

Most organizations don’t place enough focus on the human elements of cybersecurity, according to Stephen A. Wilson, Dean Hamilton, and Scott Stallbaum from consulting firm Wilson Perumal ...
Continue Reading

Supreme Court “Summons” is the Latest Phishing Attack Aimed at Stealing Your Microsoft 365 Credentials

Even the Supreme Court isn’t safe from brand impersonation in this scam intent on getting victims to click on a link to a supposed subpoena to attend a hearing.
Continue Reading

Verizon: Phishing is the Attack Vector Most Often Seen in Data Breaches

This year’s much-anticipated Verizon Data Breach Investigations Report sheds some light on how cybercriminals use phishing to achieve their goal of stealing data.
Continue Reading

EasyJet Becomes the Latest Victim of Data Breach Impacting 9 Million Customers

In an apparent attack intent on stealing intellectual property, EasyJet announced that their customer’s personal data had been “accessed” as part of the attack.
Continue Reading

[Eye-Opener] More Than Half Of Your Employees Cut Security Corners When They Work Remote

More than half of your employees are cutting corners with regards to cybersecurity while working from home, putting your organisation at risk. The coronavirus pandemic has forced all of ...
Continue Reading

Beware of Phony LogMeIn Security Updates

Researchers at Abnormal Security warn that a phishing campaign is trying to steal LogMeIn remote desktop credentials. The attackers are sending phishing emails that purport to come from ...
Continue Reading

Phishing Campaigns Using Google Firebase Storage

Scammers are hosting phishing pages on Google Firebase Storage to bypass email security filters, Threatpost reports. Firebase is a Google-owned application development platform that ...
Continue Reading

[Scam Of The Week] Microsoft Warns To Look Out for This Massive Covid-19 Excel Phishing Attack

Microsoft this week warned about a massive phishing attack that started on May 12. The campaign sends emails that look like they are from the "Johns Hopkins Center", and they have an ...
Continue Reading

[Heads Up] The COVID Remote Work Mandate Skyrockets "Work From Home" Training Enrollments

KnowBe4 was one of the first to warn first about the impending COVID phishing tsunami on Jan 31, 2020.  The bad guys did not disappoint and went all-out, all cylinders firing, and pulled ...
Continue Reading

Nearly Every Organization is More Concerned about Cybersecurity Than Before COVID-19

New data from security vendor Tripwire highlights how the shift to remote working has changed the face of cybersecurity for both the current work climate and the future.
Continue Reading

Your Next Ransomware Attack May Require Two Payments!

In a case of adding insult to injury, a new strain of ransomware is looking for one payment to decrypt, and a second payment to not publish stolen files.
Continue Reading

Preying on the Unemployed

An SMS phishing campaign has been exploiting the COVID-19 crisis by spoofing the website of a job placement agency, the New York Daily News reports. The scammers set up a website that ...
Continue Reading

Biases People Take Home With Them

Employees will naturally follow their cognitive biases unless organizations proactively engage them in security processes, according to Georgia Crossland, a Ph.D. researcher at Royal ...
Continue Reading

Scammers Exploit Rollout of COVID-19 Contact-Tracing Apps

An SMS phishing campaign is telling people they’ve come into contact with someone who’s contracted COVID-19, Computing reports. The UK’s Chartered Trading Standards Institute (CTSI) ...
Continue Reading

Dutch Online Retailer Wehkamp Loses 144,000 Euros in Bankruptcy Business Email Compromise

Cyber criminals successfully gained access to email traffic between bankruptcy trustees and Wehkamp – one of the biggest online retailers in The Netherlands – writes RTL Z. Employees of ...
Continue Reading

That Email from President Trump? Yeah, That’s a Phishing Scam

New phishing scams impersonating President Trump and Vice President Pence are designed to install malware or be the start of an extortion scam.
Continue Reading

World's Largest Sovereign Wealth Fund Falls For $10m Social Engineering Attack

The Norwegian Investment Fund has been swindled out of 10 million dollars by fraudsters who pulled off a social engineering attack that the Norfund called "an advanced data breach" but ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews