January Content Update: Including the new 2020 KnowBe4 Social Engineering Red Flags Training Module

Feb 6, 2020 5:14:48 PM By Stu Sjouwerman

Here are a few important updates to share with you from the month of January.

Six Security Questions You Should Keep in Mind for Third Parties

Feb 6, 2020 8:23:45 AM By Jelle Wieringa

Organizations are beginning to understand the consequences of a data breach or a phishing attack and the negative impact they can really have. But what are the security risks for third ...

Charities Need to Watch Out for Scammers

Feb 6, 2020 8:21:46 AM By Stu Sjouwerman

The UK’s National Council for Voluntary Organisations (NCVO) has warned charities to be wary of scammers, Charity Digital News reports. The NCVO’s Road Ahead 2020 report outlines trends ...

Not the Antiques Roadshow

Feb 5, 2020 8:29:34 AM By Stu Sjouwerman

Scammers conned a Dutch museum into sending them £2.4 million (about $3.1 million) by posing as a real London-based art dealer who planned to sell the museum a John Constable painting, ...

Law Firms Are the Latest Victims of Maze’s Ransomware and Extortion Attacks

Feb 4, 2020 3:46:54 PM By Stu Sjouwerman

With five law firms hit within just the last week, the Maze ransomware is making itself known and should be a warning to any and all legal firms that preventing an attack is paramount.

Unusual New Botnet-driven Phishing Attack With Tricky Downloaders

Feb 4, 2020 5:38:20 AM By Stu Sjouwerman

A large phishing campaign is distributing malicious Excel documents and utilizing irritating pop-ups to trick users into enabling macros, researchers at Lastline have found. The campaign ...

Your Cyber Insurance Policy Just Became Outdated

Feb 3, 2020 8:35:55 AM By Erich Kron

Just when we think we have a handle on our cyber insurance, the ransomware attackers have come and stirred things up again. I’m talking about the new trend in ransomware that you may not ...

Intelligence Services Get Phishing Licenses

Feb 3, 2020 8:23:46 AM By Stu Sjouwerman

New York Times journalist Ben Hubbard was targeted by a spear phishing attack designed to deliver NSO Group’s Pegasus spyware, researchers at the University of Toronto’s Citizen Lab have ...

[Heads-up] We Give Notice About The New Criminal Age 'Ransomware 2.0': Extremely Damaging, Dangerous And Plain Evil

Feb 2, 2020 1:38:44 PM By Roger Grimes

Take a look at that screen. Let it sink in a moment. Imagine if it were your company.

Iranian Hacker Group APT34 Apparently at It Again Targeting U.S. Research Organizations

Jan 31, 2020 4:22:55 PM By Stu Sjouwerman

[Heads-up] Scam Of The Week: Coronavirus Phishing Attacks In The Wild

Jan 31, 2020 1:28:07 PM By Stu Sjouwerman

Yup, you can count on it, when there is a worldwide health scare, the bad guys are on it like flies on $#!+. We are seeing a new malicious phishing campaign that is based on the fear of ...

Are You Expecting a Special Invitation?

Jan 31, 2020 11:05:22 AM By Jacqueline Jayne

According to MailGuard, a few days ago an email from our Prime Minister Scott Morrison started to do the rounds.

[Heads-up] It's OK To Just Say No To Phone Scams

Jan 31, 2020 6:40:29 AM By Eric Howes

Earlier this week a credit union located in the Midwest United States alerted its members via email to a pair of phone-and-text-based scams designed to trick unwitting users into coughing ...

9-Month Compromise of Wawa Results in Data Breach of More Than 30 Million Credit Cards

Jan 30, 2020 10:08:58 AM By Stu Sjouwerman

The breach, discovered in December of last year, is suspected to have led to the theft of and subsequent and sale of one of the largest takes of customer credit card data on the dark web.

Phishing Attacks Target Telecom Companies and their Tools to Facilitate SIM Swapping Attacks

Jan 30, 2020 8:31:04 AM By Stu Sjouwerman

Hackers are phishing telecom workers and “authorized retailers” to steal credentials and gain access to internal company tools. The end game is to modify SIM settings to help with a ...

It's the Access, Not the Technology

Jan 30, 2020 8:24:09 AM By Stu Sjouwerman

Exercising a suitable level of operational security is the key to protecting yourself from the consequences of sophisticated cyber attacks, according to Lionel Laurent at Bloomberg. ...

Phishing Telcos for SIM-Swapping

Jan 29, 2020 8:26:50 AM By Stu Sjouwerman

Motherboard reports that SIM swappers are launching phishing attacks against employees at Verizon, T-Mobile, and Sprint in order to hijack customer service tools. Once they have access to ...

‘Ryuk Stealer’ Searches for and Steals Confidential Files from Government, Military, and Law Enforcement

Jan 28, 2020 3:14:04 PM By Stu Sjouwerman

The newest strain of Ryuk ransomware has added new keywords and filetypes to expand its ability to find files with content that can be turned into money through sale, extortion, or ransom.

Latest Ryuk Ransomware Attacks on Oil and Gas Companies Includes Compromising Active Directory

Jan 28, 2020 3:07:49 PM By Stu Sjouwerman

Ransomware has definitely grown up from its infant stages where it simply infected one computer. From spreading through lateral movement, to the use of a victim's email to spread the ...

A Look Inside the Phishing Tackle Shop

Jan 28, 2020 8:31:51 AM By Stu Sjouwerman

The sophisticated 16Shop phishing kit can now target PayPal and American Express users, according to researchers from ZeroFOX. The researchers came across a new version of 16Shop that ...

Security Awareness Training Blog