Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

SANS Security Awareness Report Highlights the Rising Era of Awareness Training

SANS Security Awareness, a division of SANS Institute, announced they have released their new 2019 Security Awareness Report. In its fifth consecutive year, this very useful annual report ...
Continue Reading

[LIVE WEBINAR] Hacking Your Organization: 7 Steps Bad Guys Use to Take Total Control of Your Network

The scary fact is that human error is a contributing factor in more than 90% of breaches. With so many technical controls in place hackers are still getting through to your end ...
Continue Reading

UK Mid-Sized Firms Lost £30bn to CyberAttacks in 2018

Phil Muncaster at InfoSec Mag reported that "Cybersecurity incidents have cost UK mid-market firms a combined £30bn over the past year as automated attacks become the norm, according to ...
Continue Reading

An Amazon Phishing Scam Hits Just In Time For Prime Day

Amazon has confirmed that Prime Day 2019 will begin at 12 a.m. PT on Monday, July 15 and conclude at 11:59 p.m. PT on Tuesday, July 16.
Continue Reading

U.S. Coast Guard Warns Shipping Industry on Cybersecurity. Are You Next?

Kim Nash wrote in the WSJ Cybersecurity newsletter: "Avast! Pirates are getting better with cyber weapons on the high seas, WSJ Pro’s James Rundle reports. Maritime freight operators must ...
Continue Reading

Homeland Security Warning About Phishing As A Threat to 2020 Elections

The US Department of Homeland Security is warning state election officials that phishing attacks are one of the greatest threats to watch out for as the 2020 elections approach.
Continue Reading

Discovered This Year: 5,334 Kits Offering Evasive Criminal Phishing-as-a-Service

Commodity phishing kits are making it easier for unskilled criminals to run sophisticated phishing campaigns for a low price, according to a report from cloud security provider Cyren.
Continue Reading

[Heads-up] IT Pros In The Trenches Of Iran And China's New Cyber War Against The U.S.

You did not sign up for this, but you are finding yourself in the trenches of a cyber war which is slowly but surely moving from a cold to a hot stage. The latest development is that the ...
Continue Reading

“Lack of Security Awareness” a Major Reason Why Financial Firms Are 300 Time More Likely to Fall Prey to Cyberattacks

The bad guys always go where the money is. And financial firms are grossly ill-prepared for cyberattacks and suffer higher costs in addressing successful attacks. Boston Consulting Group ...
Continue Reading

80% of all Brand Deception Phishing Scams Targeting Execs Pretend to be Microsoft

The prevalence of Office 365 and the Windows OS has caused cybercriminals to choose the software titan as their primary brand used in identity deception phishing scams.
Continue Reading

Over Half of Employees Don’t Adhere to Email Security Protocols

A new survey by Barracuda Networks shows that the vast majority (87%) of decision makers believe email threats will rise in the coming year. However, companies are ill-prepared to defend ...
Continue Reading

Globally, One-Third of Organizations Experience Ransomware Attacks Weekly

The latest data from Australian telecommunications provider Telstra shows ransomware is running rampant, with security breaches not far behind in frequency.
Continue Reading

Cyber Crime Refines Their Social Engineering Tactics

Attackers are improving their strategies by accounting for new developments in technology, Help Net Security reports. Researchers at FireEye analyzed 1.3 billion phishing emails and ...
Continue Reading

Enter Facebook's Libra, with Scammers in its Train

Within twenty-four hours of Facebook’s announcement of its new Libra cryptocurrency and Calibra digital wallet, more than three-hundred sites were registered with domain names associated ...
Continue Reading

Dridex Credential Stealer Returns With New Antivirus Evasion - Including Application Whitelisting

SCMag reported that a new strain of the notorious Dridex malware has been spotted using polymorphism antivirus evasion techniques in phishing emails. The Dridex credential-stealer that ...
Continue Reading

Brand-New Tool: Social Media Phishing Test Checks for Users Vulnerable to Social Media Related Attacks

Phishing is still the #1 threat action used in social engineering attacks, and spear phishing, in particular, takes advantage of your users’ socially networked lives.
Continue Reading

Instagram Vanity Makes for Vulnerability

Scammers are targeting Instagram users with phony offers to verify their accounts in order to receive Instagram’s blue checkmark, Threatpost reports. Researchers at Sucuri came across a ...
Continue Reading

New Malware Pretends to Be You by Matching Your Keystroke Characteristics

Cybersecurity researchers have developed a new keystroke impersonation attack that avoids being detected by keystroke-based biometric security solutions.
Continue Reading

Microsoft Kills Password Expiration Policy Recommendation with Latest Security Baseline for Windows 10

This change from Microsoft highlights the need for organizations to readdress the user-based insecurity of passwords caused by password expirations.
Continue Reading

KnowBe4 Fresh Content and Feature Updates - June 2019

Check out the content and feature updates in the KnowBe4 platform for the month of June!
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews