If You Think Security Awareness Training is Expensive, Try Ignorance

Apr 15, 2015 11:02:00 AM By Stu Sjouwerman

Facts surrounding spear phishing all point to employees as the most cited culprits and security awareness training as the most effective remedy. Yet all training programs are not equal. ...

So, What Is The Real Reason The White House Got Hacked?

Apr 11, 2015 9:58:00 AM By Stu Sjouwerman

According to a new CyberEdge research survey of 19 sectors, including government, spearphishing is the biggest concern to IT security pros, more worrisome than even malware. And only 20 ...

SHOCKER: Data Breaches Cost Big Companies Very Little

Apr 6, 2015 5:16:21 PM By Stu Sjouwerman

Two articles today in Fortune Magazine and Harvard Business Review each lifted a piece of the veil about a dirty little secret about data breaches. From Home Depot to Target to Sony, big ...

IBM: 'Dyre Wolf' Cyber Gang Uses Spear Phishing For $1 Million Cyberheists

Apr 4, 2015 10:48:00 AM By Stu Sjouwerman

Last week, IBM Security reported on an active cyberheist campaign using a variant of the Dyre Trojan that has successfully stolen more than $1 million at a time from targeted enterprise ...

Experts: Social Engineering Attacks Harder To Stop

Mar 28, 2015 10:42:45 AM By Stu Sjouwerman

Michael Heller at TechTarget wrote a good longish article where he concluded: "As more personal and corporate information is shared on the Web, social engineering techniques and attacks ...

How to get your Phish-prone percentage up. Up? Yes, Up.

Mar 23, 2015 11:14:00 AM By Stu Sjouwerman

Something surprising happened last week. A few of our customers reported that their phish-prone percentage was going up. Up? Yes, up. Not something you normally would expect or ...

Premera And Anthem Both Hacked Using Shrewd Social Engineering

Mar 21, 2015 10:11:41 AM By Stu Sjouwerman

Health records are the new credit cards. They have a longer shelf life and are often easier to get. There are more opportunities for fraud. No wonder that bad guys are after them with a ...

Why your brain shuts down when you see a security alert

Mar 21, 2015 9:28:56 AM By Stu Sjouwerman

Been mystified why end-users do not seem to get it? Their eyes glazing over when a security alert pops up on their screen? Brand new neuroscience research using MRI shows a dramatic drop ...

Despite Mobile App Risks Enterprise Does Not Have Mobile Security Policy

Mar 20, 2015 1:43:33 PM By Stu Sjouwerman

Here is the disconnect: 82 percent of IT pros think that BYOD in the workplace has “very significantly” or “significantly” increased IT security risks, less than half of organizations ...

CyberheistNews Vol 5 #11 Ransomware: Pay Up Or Fight. What Would You Do?

Mar 17, 2015 9:26:00 AM By Stu Sjouwerman

Ransomware: Pay Up Or Fight. What Would You Do? Ask security experts what to do when hit with ransomware -- the sophisticated malware that infects a device or network, uses military-grade ...

Report: 71 percent successfully spear-phished in 2014

Mar 14, 2015 5:00:00 PM By Stu Sjouwerman

Adam Greenberg at SC Magazine reported on something interesting:

Spear Phishing Attack Nearly Costs FL City $500K

Mar 12, 2015 2:12:00 PM By Stu Sjouwerman

A spear-phishing last month at Orange Park City Hall almost got away with $500,000 from the city's bank account. Fortunately it was caught in time so that a wire transfer that already had ...

Number One Infosec Headache Is End Users

Feb 25, 2015 11:56:11 AM By Stu Sjouwerman

Intel Report About Social Engineering

Feb 23, 2015 4:13:59 PM By Stu Sjouwerman

In a new report, Hacking the Human OS, McAfee (owned by Intel) security researchers Raj Samani and Charles McFarland found that, increasingly, hackers are using social engineering ...

More Phishing Attacks Going After Financial Data

Feb 17, 2015 11:27:37 AM By Stu Sjouwerman

Kaspersky recently reported that 28.8 percent of phishing attacks in 2014 tried to steal financial data from consumers. The results show how cybercrime has shifted its focus to payment ...

World's Biggest Cyberheist Cybergang Phished $900 Million Out Of Banks

Feb 15, 2015 9:25:00 AM By Stu Sjouwerman

More than 100 financial institutions in 30 countries have been the victim of a cyberheist that lasted in some cases almost 2 years. This was not a smash-and-grab but a highly ...

Antivirus Products Are Slow at Making Malware Signatures

Feb 12, 2015 4:48:00 PM By Stu Sjouwerman

The traditional malicious software detection approach is far from being sufficient, especially in corporate environments. More and more it's found that antivirus products can take months ...

Anthem Breach Began with Phishing of Employees

Feb 11, 2015 2:23:00 PM By Stu Sjouwerman

Last updated 2/12/2015 - The foreign hackers who stole up to 80 million records from Anthem social engineered their way into the company's network by obtaining the credentials of five ...

Train Employees And Cut Cyber Risks Up To 70 Percent

Jan 18, 2015 12:26:00 PM By Stu Sjouwerman

It's a well-known fact that employees are the weakest link in IT security. There is good news though! New research from our friends at Wombat Security Technologies and the Aberdeen Group ...

Defense In Depth: Your Answer To Social Engineering

Dec 31, 2014 1:04:36 PM By Stu Sjouwerman

Organizations defend their networks on each of the six levels in the green graph you see. End-user Internet Security Awareness Training resides in the outer layer: ‘Policies, Procedures, ...

Security Awareness Training Blog