Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

CRN: "Kevin Mandia -- Detect Spear Phishing, Lock Down CEO Email To Stay Safe"

Michael Novinson at CRN had a great article that really explains the issues we are dealing with. He started out with: "Spear phishing remains the most common way for adversaries to ...
Continue Reading

Simjacking is Still a Problem, British Food Writer Lost £5,000

British food writer Jack Monroe lost £5,000 due to a simjacking attack, the BBC reports. In a series of tweets, Monroe said someone had taken over her phone number and used the access to ...
Continue Reading

It’s Baaaaaaaack! Emotet Trojan Rears Its Ugly Head Once Again After a 3-Month Vacation

One of the most dangerous pieces of malware to-date, this trojan-turned-botnet has come back after a brief hiatus and appears to be a part of a new spear phishing campaign targeting ...
Continue Reading

Cyber Risk Remains a Top Concern for Organizations While Lacking Confidence in Addressing Cyber Threats

It appears priority and ability to execute are two very different things when it comes to dealing with cyber threats, according to the latest data from Marsh and Microsoft.
Continue Reading

Extremely Embarrassing 250,000-record Data Breach At Hookers.nl

The data of 250,000 users of Hookers.nl, a forum where experiences with prostitutes and escorts are exchanged, have been stolen and offered for sale on the internet. It concerns e-mail ...
Continue Reading

Why Hack When You Can Con?

 
Continue Reading

Organizations Experiencing Attacks Rises by 35% as Most Consider Themselves Cyber-Novices

An increase in attacks should equate to a rise in organizational cyber-preparedness. But according to new research from U.K. cyber insurer Hiscox, organizations simply aren’t ready.
Continue Reading

U.S. Organizations Involved with Nuclear Deterrence are the Target of North Korean Phishing Attacks

Using some very sophisticated methods, the Kimsuky group is believed to be behind a spear phishing campaign aimed at stealing U.S. secrets.
Continue Reading

Virtual Hard Disk Images Containing Malware Are Ignored by Windows and Antivirus Engines

This disturbing find by a CERT researcher demonstrates how attackers can encode malicious files within a Virtual Hard Disk (VHD) image that acts in the same way as a ZIP archive.
Continue Reading

Universities Worldwide are the Target of Phishing Attacks by a Hacking Group Aimed at Stealing Research and Intellectual Property

The Iranian hacker group dubbed Colbalt Dickens has hit over 60 universities around the globe attempting to steal credentials to provide access to sensitive data.
Continue Reading

Many in Utilities Sector Expect Attacks on Critical Infrastructure: Survey

Ed Kovacs at SecurityWeek reported on something that is one of the few things that keep me "awake at night":
Continue Reading

Ransomware Still Plagues Organizations Despite Feeling Prepared for an Attack

New data from security vendor AlienVault shines a light on the real state of ransomware, and how concerned IT organizations are with preparing for and dealing with an attack.
Continue Reading

Cybercriminals Leverage the U.K.’s Strong Customer Authentication Requirement in a New String of Phishing Attacks

Attackers are taking advantage of the requirement to secure online shopping and banking transactions processed within the U.K. to gather personal details of consumers and users alike.
Continue Reading

Chinese State-Sponsored Phishing

A sophisticated threat group is going after a variety of industries using spearphishing and an arsenal of malware, according to Nalani Fraser and Fred Plan from FireEye. Fraser and Plan ...
Continue Reading

Is Cyberinsurance a Reason for the Rise in Ransomware Attacks?

Are cybercriminals counting on the victim’s simple cost-to-benefit decision to have their cyber-insurer pay the ransom? And, if so, are they targeting companies with cyberinsurance?
Continue Reading

Now *here* is something new! What The Heck Is War Shipping?

Our friends at Malwarebytes have a great article about this written by Pieter Arntz. This is a cross-post with grateful acknowledgement!  :-D
Continue Reading

Casbaneiro is the Hook in Alt-Coin Phishing

The Casbaneiro banking Trojan is going after Latin American victims’ cryptocurrency, Verdict reports. It’s being distributed via phishing emails which trick victims into downloading a ...
Continue Reading

Fall LinkedIn Job Postings Are a Prime Vehicle for Job Scams, Cyber Attacks

LinkedIn says the Fall hiring season is very hot right now. With more than 20 million jobs posted, LinkedIn is the perfect way for scammers to trick users into becoming victims.
Continue Reading

Ransomware is Having Its Best Year Ever

The recent rash of successful ransomware attacks against municipalities, state and local government, and school districts is bad for organizations and great for cybercriminals.
Continue Reading

The Cost of a Data Breach is Expected to Rise by Two-Thirds Over the Next Five Years

The increase in attack effectiveness and remediation costs, along with new compliance fines are causing the cost of a data breach to rise significantly.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews