Law Firms Are the Latest Victims of Maze’s Ransomware and Extortion Attacks

Feb 4, 2020 3:46:54 PM By Stu Sjouwerman

With five law firms hit within just the last week, the Maze ransomware is making itself known and should be a warning to any and all legal firms that preventing an attack is paramount.

Unusual New Botnet-driven Phishing Attack With Tricky Downloaders

Feb 4, 2020 5:38:20 AM By Stu Sjouwerman

A large phishing campaign is distributing malicious Excel documents and utilizing irritating pop-ups to trick users into enabling macros, researchers at Lastline have found. The campaign ...

Your Cyber Insurance Policy Just Became Outdated

Feb 3, 2020 8:35:55 AM By Erich Kron

Just when we think we have a handle on our cyber insurance, the ransomware attackers have come and stirred things up again. I’m talking about the new trend in ransomware that you may not ...

Intelligence Services Get Phishing Licenses

Feb 3, 2020 8:23:46 AM By Stu Sjouwerman

New York Times journalist Ben Hubbard was targeted by a spear phishing attack designed to deliver NSO Group’s Pegasus spyware, researchers at the University of Toronto’s Citizen Lab have ...

[Heads-up] We Give Notice About The New Criminal Age 'Ransomware 2.0': Extremely Damaging, Dangerous And Plain Evil

Feb 2, 2020 1:38:44 PM By Roger Grimes

Take a look at that screen. Let it sink in a moment. Imagine if it were your company.

Iranian Hacker Group APT34 Apparently at It Again Targeting U.S. Research Organizations

Jan 31, 2020 4:22:55 PM By Stu Sjouwerman

[Heads-up] Scam Of The Week: Coronavirus Phishing Attacks In The Wild

Jan 31, 2020 1:28:07 PM By Stu Sjouwerman

Yup, you can count on it, when there is a worldwide health scare, the bad guys are on it like flies on $#!+. We are seeing a new malicious phishing campaign that is based on the fear of ...

Are You Expecting a Special Invitation?

Jan 31, 2020 11:05:22 AM By Jacqueline Jayne

According to MailGuard, a few days ago an email from our Prime Minister Scott Morrison started to do the rounds.

[Heads-up] It's OK To Just Say No To Phone Scams

Jan 31, 2020 6:40:29 AM By Eric Howes

Earlier this week a credit union located in the Midwest United States alerted its members via email to a pair of phone-and-text-based scams designed to trick unwitting users into coughing ...

9-Month Compromise of Wawa Results in Data Breach of More Than 30 Million Credit Cards

Jan 30, 2020 10:08:58 AM By Stu Sjouwerman

The breach, discovered in December of last year, is suspected to have led to the theft of and subsequent and sale of one of the largest takes of customer credit card data on the dark web.

Phishing Attacks Target Telecom Companies and their Tools to Facilitate SIM Swapping Attacks

Jan 30, 2020 8:31:04 AM By Stu Sjouwerman

Hackers are phishing telecom workers and “authorized retailers” to steal credentials and gain access to internal company tools. The end game is to modify SIM settings to help with a ...

It's the Access, Not the Technology

Jan 30, 2020 8:24:09 AM By Stu Sjouwerman

Exercising a suitable level of operational security is the key to protecting yourself from the consequences of sophisticated cyber attacks, according to Lionel Laurent at Bloomberg. ...

Phishing Telcos for SIM-Swapping

Jan 29, 2020 8:26:50 AM By Stu Sjouwerman

Motherboard reports that SIM swappers are launching phishing attacks against employees at Verizon, T-Mobile, and Sprint in order to hijack customer service tools. Once they have access to ...

‘Ryuk Stealer’ Searches for and Steals Confidential Files from Government, Military, and Law Enforcement

Jan 28, 2020 3:14:04 PM By Stu Sjouwerman

The newest strain of Ryuk ransomware has added new keywords and filetypes to expand its ability to find files with content that can be turned into money through sale, extortion, or ransom.

Latest Ryuk Ransomware Attacks on Oil and Gas Companies Includes Compromising Active Directory

Jan 28, 2020 3:07:49 PM By Stu Sjouwerman

Ransomware has definitely grown up from its infant stages where it simply infected one computer. From spreading through lateral movement, to the use of a victim's email to spread the ...

A Look Inside the Phishing Tackle Shop

Jan 28, 2020 8:31:51 AM By Stu Sjouwerman

The sophisticated 16Shop phishing kit can now target PayPal and American Express users, according to researchers from ZeroFOX. The researchers came across a new version of 16Shop that ...

Is There Still Hope for Privacy?

Jan 28, 2020 8:15:00 AM By Perry Carpenter

January 28 is Data Privacy Day. In honor of that, I’d like to share some random thoughts on privacy that I put together for a recent webcast with StaySafeOnline.org. And when I say, ...

New Malware Upgrade Steals Browser and Email Client Credentials

Jan 27, 2020 12:28:36 PM By Stu Sjouwerman

Nothing is safe anymore. While tricking users into giving up their credentials still seems pretty impressive, new updates to the FTCode ransomware target the IDs and passwords on your ...

Cyber-Insurance Premiums Jump as High as 25% and May Now Require Co-Insurance

Jan 27, 2020 12:12:18 PM By Stu Sjouwerman

With enough claims under the belts of insurance companies covering data ransoms, data theft, and other types of cyberattack, the risk appears to be shifting somewhat back to the ...

Contributing to the Delinquency of a Major

Jan 27, 2020 8:33:40 AM By Stu Sjouwerman

A Swedish man used a multitude of forged credentials and a fake school diploma to join the Swedish military, where he maintained the ruse for eighteen years and eventually attained the ...

Security Awareness Training Blog