Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

F-Secure Cautions about Fresh Olympic-themed Spam

F-Secure the security company based in Finland has recently cautioned that spam mails themed on the Olympics are targeting Internauts while carrying web-links to one malevolent PDF file ...
Continue Reading

Over-55s Pick Passwords Twice As Secure As Teenagers

"People over the age of 55 pick passwords double the strength of those chosen by people under 25 years old. That's according to the largest ever study of password security, which also ...
Continue Reading

Malicious PowerPoint File Contains Exploit, Drops Backdoor

TrendLabs discovered a malicious MS PowerPoint document that arrives attached to email messages. The file contains an embedded Flash file, which exploits a software bug found in specific ...
Continue Reading

Aaaugh! 1 in 5 U.S. Windows PCs Lack Antivirus Defenses

Un-friggin-believable but true. Don't be one of them! Gregg Keizer at ComputerWorld was the first with this story. "Nearly a fifth of Windows PCs in the U.S. lack any active security ...
Continue Reading

CyberheistNews Vol 2, #24

Continue Reading

CyberheistNews Vol 2, #23

Continue Reading

CyberheistNews Vol 2, #22

Continue Reading

Chinese hacker brings grief to Calgary’s Catholic school system

Hackers will find any mail server that is not protected and/or configured correctly and use it to send out as much spam as possible. This gets the unsuspecting organization blacklisted ...
Continue Reading

VIDEO The Top 5 Online Security Traps And How To Avoid Them

GFI is one of the few antivirus vendors that understands the importance of prevention and end-user training. They produced this useful video that in two minutes illustrates the top 5 ...
Continue Reading

Gmail Security Hole Allows Hackers To Automate Social Engineering Trick

Christopher Mims over at Technology Review was the first one to report on this. A large Gmail security hole could lead to mass harvesting of accounts, as hackers can automate this social ...
Continue Reading

Hackers Target the Weakest Link: The End User

I was interviewed by Jeremy Quittner yesterday. Here is how he started his article in American Banker today: "It took Stu Sjouwerman, the founder and chief executive of security firm ...
Continue Reading

Guessable Passwords: The Unpatchable Exploit

Monday morning, I found a tweet by @INFOSECSchool with the above title. I admit, it's a catchy phrase and sure enough, IF you allow easy passwords, it's an invitation to get hacked. This ...
Continue Reading

Fake Amex ID Verification

[caption id="" align="alignleft" width="260" caption="Fake Amex ID Verification"][/caption] OK, here is another one to warn everyone about, especially the employees that have a ...
Continue Reading

Spot the security "no-no"

[caption id="" align="alignleft" width="260" caption="Spot the security "no-no""][/caption] Wow, talk about a TV interview that contains a massive vulnerability. We think this is a press ...
Continue Reading

Spear-phishing attacks hit gas pipeline networks

A Homeland Security Department cyber response team focusing on industrial control systems has issued a warning to the natural gas pipeline industry of targeted cyberattacks that have ...
Continue Reading

Gartner considers security awareness training an essential tool for all companies

Linda Musthaler, at NetworkWorld just wrote an excellent article about training workers to be cyber safe. One paragraph was especially noteworthy: “In 2012 we’re already seeing a sharp ...
Continue Reading

I am a malware coder and botnet operator

This is a discussion on Reddit, where a (presumably Polish) malware coder and botnet operator very candidly answers questions from people. This is a fascinating but rather technical read, ...
Continue Reading

CyberheistNews Vol 2, #21

Continue Reading

News - FBI warns against malware installed via hotel networks

The Internet Crime Complaint Center had this 'Intelligence Note': "Recent analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travelers ...
Continue Reading

The personal cloud will eclipse the PC

The personal cloud is poised to eclipse the PC as the hub of consumers' digital lives by 2014 as rapid growth in the use of apps and services introduces a new paradigm for how people ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews