Bad Guys Built A Completely Fake News Website For A Bitcoin Phishing Scam

Jan 20, 2020 8:00:41 AM By Stu Sjouwerman

The Central Bank of Malta has issued a statement warning people about a bitcoin phishing scam being pushed by a spoofed news website, the Times of Malta reports. The site imitated a ...

Leaving Windows 7 in Production Puts You at High Risk of Ransomware Attack

Jan 17, 2020 1:11:23 PM By Stu Sjouwerman

Microsoft end-of-support for Windows 7 means systems will remain unpatched, creating an opportunity for future ransomware attacks to wreak havoc.

Business Disruption is the Prominent Result for All Cyberattacks

Jan 17, 2020 1:02:44 PM By Stu Sjouwerman

New data from security vendor CrowdStrike shows that the bad guys are getting better at avoiding detection and are having a substantial financial impact on operations.

Defending Against Ransomware is a Team Effort

Jan 17, 2020 8:29:41 AM By Stu Sjouwerman

Ransomware operators have grown very skilled in targeting exactly what will compel an organization to pay up, according to Andrew Brandt, principal researcher at Sophos. On the ...

Nemty Ransomware Creators Plan to Post Stolen Data of Non-Payors to Blog

Jan 16, 2020 11:55:12 AM By Stu Sjouwerman

In a twist to the newest ransomware tactic where data is stolen and then encrypted, the folks behind Nemty are going to use a blog to publish victims data if they don’t pay.

Kiwi Drivers Phished with Bogus License Renewals

Jan 16, 2020 8:36:17 AM By Stu Sjouwerman

The New Zealand Transport Agency (NZTA) has warned of an ongoing email phishing campaign using fake vehicle license renewal reminders, 1 News reports. The emails appear legitimate and ...

TrickBot Hackers Have Created the Ultimate “On the Fly” Update Backdoor

Jan 15, 2020 3:06:26 PM By Stu Sjouwerman

The newly-created “PowerTrick” backdoor leaves malware ready to accept new commands and victim organizations perpetually in danger of the next thing the malware’s creators can think of.

You Should Be Scared of the Latest Strains of Phobos Ransomware

Jan 15, 2020 2:59:51 PM By Stu Sjouwerman

In an unusual twist, it’s not actually the ransomware itself that makes the newer forms of Phobos so frightening; it’s the people behind the attacks that will have you worried.

Happy Hotel With a Sad Ending

Jan 15, 2020 8:42:17 AM By Javvad Malik

Tokyo, Japan-based Almex which operates the Japanese Happy Hotels announced it has been hacked and that customer data including email address, birth date, gender, phone number, log in, ...

Nobel Laureates Get Scammed, Too

Jan 15, 2020 8:21:53 AM By Stu Sjouwerman

Nobel Prize-winning economist and New York Times Opinion columnist Paul Krugman appears to have been taken in by a phishing scam, Business Insider reports. In a tweet that’s since been ...

Hackers Target the Special Olympics of New York and Use them to Launch Phishing Attacks

Jan 14, 2020 11:53:50 AM By Stu Sjouwerman

This latest attack demonstrates how cybercriminals can leverage one organization as merely a part of a larger phishing campaign to scam countless individuals out of credentials or money.

Fast Work By Cops Recovers $710,000 After CEO Fraud Attack Hits Long Island County Government

Jan 14, 2020 6:33:48 AM By Stu Sjouwerman

Finally some good news. Newsday reports that in record time, Nassau County, New York, recovered $710,000 that was transferred to scammers who were impersonating an existing county vendor.

Auto Dealership Becomes Latest Victim of Ransomware Attack Costing Up to $500,000

Jan 13, 2020 9:57:23 AM By Stu Sjouwerman

The opening of a seemingly benign email from a coworker by an unsuspecting employee set in motion an attack that brought operations to a halt and resulted in some costly remediation. The ...

Microsoft Sues Hacker Group for Data Theft of Highly Sensitive Information

Jan 13, 2020 9:48:18 AM By Stu Sjouwerman

A new recently unsealed lawsuit against a North Korean hacker group shows how even the largest companies can be successfully attacked by phishing.

An Overview of Phishing from the Accounting Sector

Jan 13, 2020 8:23:18 AM By Stu Sjouwerman

Employee training is an essential long-term defense against phishing attacks, according to David Barton and Kimberly Anderson at UHY Advisors. In an article for Accounting Today, Barton ...

[Scam Of The Week] Don't Fall For This Tricky: “Start your 2020 with a gift from us”

Jan 13, 2020 7:00:00 AM By Stu Sjouwerman

Paul Ducklin at Naked Security warned us about a scam that just surfaced and promises a gift by courier from overseas where the other person hasn’t told you what they’re sending – the ...

Cybercriminal Offers a “How To” Guide for Robbing Banks; Uses Cayman National Bank as the Example

Jan 10, 2020 10:05:49 AM By Stu Sjouwerman

This latest document from notorious hacker Phineas Phisher, along with a leaked report from PwC, shows how easy it is for a bank to be hacked and defrauded.

The Top 5 Eyeopener Strategies To Improve Your IT Defenses And Keep Bad Guys Out Of Your Network

Jan 9, 2020 4:16:06 PM By Roger Grimes

Last year, in 2019 according to CVEdetails, there were 12,174 new, publicly announced vulnerabilities. If that sounds like a high number, it’s a lot less than the previous two years. We ...

New Office 365 Phishing Attack Targets OAuth Apps Instead of Credentials

Jan 9, 2020 8:43:14 AM By Stu Sjouwerman

Trying to steal your username and password is so “yesterday.” The 2020 Hacker is now leveraging Office 365 OAuth APIs to gain control over user mailboxes with phishing tactics.

The Better the Phishing Protection Gets, the More Sophisticated Phishing Attacks Are Getting

Jan 9, 2020 8:34:29 AM By Stu Sjouwerman

Microsoft’s review of how phishing has evolved over the last year highlights some of the great lengths attackers will go to in order to avoid being detected as a phishing campaign.

Security Awareness Training Blog