OSINT – a Hacker’s First Asset in Targeted Attacks

Jul 25, 2019 5:19:19 PM By Stu Sjouwerman

Before a cybercriminal wants to engage in a targeted attack against a particular organization or individual, they’d like to know a few things first. That’s where OSINT comes into play.

New Study Finds Employees Pose the Greatest Cybersecurity Risk

Jul 25, 2019 5:15:59 PM By Stu Sjouwerman

While historically being seen as an organization’s greatest asset, the latest report from the analyst firm Ponemon cites humans as the weakest link.

Netflix's New "The Great Hack" Reminds Us -- If you Don't Pay For the Product You Are The Product

Jul 25, 2019 5:11:46 PM By Stu Sjouwerman

Last night, Netflix premiered “The Great Hack” which is based on the Cambridge Analytica scandal. They reminded us of the golden expression: “If you don't pay for the product you are the ...

BEC = “Because it’s Easy Cash” Scammers Trick Employees Into Giving Away Customer Info

Jul 25, 2019 10:51:29 AM By Stu Sjouwerman

Business Email Compromise—also known as CEO Fraud—scammers are now targeting a company's customers using a new indirect attack method designed to collect information on future scam ...

This Year, Phishing Causes Losses of $17,700 per minute And Ransomware Attacks Will Cost $22,184 Per Minute

Jul 25, 2019 10:37:42 AM By Stu Sjouwerman

Global losses to cybercrime total $1.5 trillion per year, which amounts to $2.9 million per minute, a new report by RiskIQ shows. Some of the largest companies are losing $25 each minute ...

A Phishing Campaign Evades Email Gateways via WeTransfer

Jul 25, 2019 8:39:51 AM By Stu Sjouwerman

A phishing campaign is abusing the legitimate file hosting site WeTransfer to get malicious links through email filters, according to Jake Longden at Cofense. The attackers send real ...

80% of Organizations Don’t Use DMARC Making Them Susceptible to Email Spoofing

Jul 24, 2019 5:17:12 PM By Stu Sjouwerman

DMARC’s ability to confirm a sending domain’s identity seems like a no-brainer, and yet most organizations aren’t taking advantage of this protective service to stop phishing attacks.

Ransomware Attacks Costs Nearly Triple in 2019 to over $36K Per Attack

Jul 24, 2019 4:40:39 PM By Stu Sjouwerman

The latest data from ransomware recovery vendor, Coveware, outlines the current state of the cost, duration, and recovery rate of ransomware attacks today.

HoneyTrap, The Oldest In The World Now As Iranian Catphish on LinkedIn

Jul 24, 2019 6:48:59 AM By Stu Sjouwerman

Iranian state-sponsored hackers are increasing their targeting of civilian targets amid escalating tensions between the US and Iran, according to Zak Doffman at Forbes. Doffman cites a ...

KnowBe4 Achieves Highest and Furthest Overall Position for Its Ability to Execute and Completeness of Vision in the 2019 Gartner Magic Quadrant for Security Awareness CBT

Jul 23, 2019 1:19:33 PM By Stu Sjouwerman

We are excited to announce that KnowBe4 has achieved the highest and furthest overall position as a Leader for its ability to execute and completeness of vision in the 2019 Magic Quadrant ...

New Cyber Attack Trends Report Reveals That Digital Criminals Made Off With $45 Billion in 2018

Jul 23, 2019 10:27:12 AM By Stu Sjouwerman

Scott Ikeda at CPO Magazine posted insights about a new report on cyber attack trends which combines information from a number of high-level sources. It reveals a startling amount of ...

Fake Accounts Go to College

Jul 23, 2019 10:12:48 AM By Stu Sjouwerman

The US Department of Education warned last week that 62 colleges were exposed to criminals who exploited an authentication vulnerability in a popular enterprise resource planning ...

Is Equifax Paying Up To 700 Million... Or Is It 1.4 Billion?

Jul 23, 2019 7:26:05 AM By Stu Sjouwerman

In a settlement with the FTC, consumers affected by the breach are eligible for up to $20,000 in a cash settlement, depending on damages they can prove. But different news sources claim ...

Windows Defender Gets a New Name: Microsoft Defender

Jul 22, 2019 7:24:20 AM By Stu Sjouwerman

Bleepingcomputer reported: "Windows Defender is being rebranded to Microsoft Defender to indicate that it now part of a cross platform family of products. This includes enterprise ...

[Scam of The Week] New 'US State Police' Phishing Extortion Scam Includes Contact Numbers

Jul 20, 2019 11:26:21 AM By Stu Sjouwerman

Our friend Larry Abrams at Bleeping computer warned: "A new extortion scam is underway that pretends to be from a US State Police detective who is willing to delete child porn evidence if ...

KnowBe4 Adds Language Localization to Learner's Experience For All Customers

Jul 20, 2019 10:02:24 AM By Stu Sjouwerman

We are excited to announce the availability of KnowBe4’s new localized training interface option for your users!

U.S. Coast Guard Warns of Phishing Attacks Designed for Data Theft and Malware Infection

Jul 19, 2019 3:15:52 PM By Stu Sjouwerman

A new Marine Safety Information Bulletin from the U.S. Coast Guard demonstrates that cybercriminals aren’t just after land-based businesses.

U.K. Sees an Increase in Sophisticated Phishing Attacks Targeting Educational Institutions

Jul 19, 2019 3:12:23 PM By Stu Sjouwerman

Using a mix of identity deception, domain spoofing, credential theft, and bank fraud, scammers are taking advantage of soft targets in the U.K.’s education sector.

Deep Fakes Getting Better Every Day With AI / Machine Learning

Jul 19, 2019 11:51:36 AM By Stu Sjouwerman

A recent article in The Next Web showed how AI can magically remove a person or object from a video background as computer algorithms “clips” the person walking across a street out of the ...

SANS Security Awareness Report Highlights the Rising Era of Awareness Training

Jul 18, 2019 8:40:14 AM By Stu Sjouwerman

SANS Security Awareness, a division of SANS Institute, announced they have released their new 2019 Security Awareness Report. In its fifth consecutive year, this very useful annual report ...

Security Awareness Training Blog