Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Fraud Awareness Week

Nov 21, 2024 4:00:22 PM By John Just
The Association of Certified Fraud Examiners (ACFE) recently released a report Occupational Fraud 2024: A Report to the Nations, where they estimated that most organizations lose about 5% ...
Continue Reading

Out of 29 Billion Cybersecurity Events, Phishing was the Primary Method of Initial Attack

Nov 20, 2024 2:22:11 PM By Stu Sjouwerman
The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access.
Continue Reading

Beware of Fake Tech Support Scams

Nov 20, 2024 2:22:06 PM By Roger Grimes
About five years ago, I was having trouble with an expensive brand-name refrigerator that my wife and I had bought. It was a great refrigerator feature-wise. My wife and I initially loved ...
Continue Reading

Threat Actors are Sending Malicious QR Codes Via Snail Mail

Nov 20, 2024 10:40:54 AM By Stu Sjouwerman
The Swiss National Cyber Security Centre (NCSC) has warned of a QR code phishing (quishing) campaign that’s targeting people in Switzerland via physical letters sent through the mail, ...
Continue Reading

Phishing Attacks Exploit Microsoft Visio Files and SharePoint

Nov 15, 2024 10:06:32 AM By Stu Sjouwerman
Threat actors are exploiting Microsoft Visio files and SharePoint to launch two-step phishing attacks, according to researchers at Perception Point.
Continue Reading

Half of all Ransomware Attacks This Year Targeted Small Businesses

Nov 15, 2024 10:05:57 AM By Stu Sjouwerman
New data shows just how crippling ransomware has been on small businesses that have fallen victim to an attack and needed to pay the ransom.
Continue Reading

Criminal Threat Actor Uses Stolen Invoices to Distribute Malware

Nov 13, 2024 3:08:32 PM By Stu Sjouwerman
Researchers at IBM X-Force are tracking a phishing campaign by the criminal threat actor “Hive0145” that’s using stolen invoice notifications to trick users into installing malware.
Continue Reading

Nation-State Threat Actors Rely on Social Engineering First

Nov 12, 2024 3:38:33 PM By Stu Sjouwerman
A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique.
Continue Reading

[FREE RESOURCE KIT] Stay Cyber Safe this Holiday Season with Our Free 2024 Resource Kit!

Nov 12, 2024 7:24:00 AM By Stu Sjouwerman
Isn’t it typical for bad actors to strike when we’re distracted and busy during this time of year?
Continue Reading

Criminals Use Search Engine Poisoning to Boost Phishing Pages

Nov 11, 2024 4:46:36 PM By Stu Sjouwerman
Researchers at Malwarebytes warn that cybercriminals are using search engine poisoning to boost phishing pages to the top of Bing’s search results.
Continue Reading

Attackers Abuse DocuSign to Send Phony Invoices

Nov 7, 2024 8:09:49 AM By Stu Sjouwerman
Threat actors are abusing DocuSign’s API to send phony invoices that appear “strikingly authentic,” according to researchers at Wallarm.
Continue Reading

BlackBasta Ransomware Gang Uses New Social Engineering Tactics To Target Corporate Networks

Nov 5, 2024 2:13:18 PM By Stu Sjouwerman
ReliaQuest warns that the BlackBasta ransomware gang is using new social engineering tactics to obtain initial access within corporate networks.
Continue Reading

The Rise of Outsourced Cybersecurity: How CISOs are Adapting to New Challenges

Nov 1, 2024 9:59:43 AM By Stu Sjouwerman
Chief Information Security Officers (CISOs) are facing unprecedented challenges. The combination of increasingly sophisticated cyber threats, persistent talent shortages, and complex ...
Continue Reading

Threat Actors Abuse LinkedIn to Target Job Seekers

Nov 1, 2024 9:59:39 AM By Stu Sjouwerman
Threat actors are targeting people who have recently lost their jobs with employment scams on LinkedIn, according to researchers at Malwarebytes.
Continue Reading

75% of Organizations Have Experienced a Deepfake-Related Attack

Oct 29, 2024 10:34:43 AM By Stu Sjouwerman
As generative AI evolves and becomes a mainstream part of cyber attacks, new data reveals that deepfakes are leading the way.
Continue Reading

Crooks are Sending Halloween-Themed Phishing Emails

Oct 29, 2024 10:34:35 AM By Stu Sjouwerman
Halloween-themed spam and phishing emails have surged over the past two months, with a significant increase beginning in October, according to researchers at Bitdefender.
Continue Reading

4 out of 10 Phishing Emails Are Sent From a Compromised Email Account

Oct 28, 2024 4:40:24 PM By Stu Sjouwerman
Analysis of phishing emails in the second quarter of this year paints a picture of what security teams and vigilant recipients should expect from modern phishing attacks.
Continue Reading

Threat Actors Compromise Valid Accounts Via Social Engineering

Oct 28, 2024 4:38:14 PM By Stu Sjouwerman
Phishing remains a top initial access vector for cyberattacks, according to researchers at Cisco Talos.
Continue Reading

Cyber Attack Tools Now Being Used To Help Phishing Pages Avoid Detection

Oct 28, 2024 9:15:07 AM By Stu Sjouwerman
Cybercriminals are offering tools to help phishing pages avoid detection by security tools, according to researchers at SlashNext.
Continue Reading

Cybersecurity Budgets Are Increasing, but Security Leaders Don’t Think It’s Enough

Oct 25, 2024 4:15:23 PM By Stu Sjouwerman
Despite the belief that today’s SOC should be doing the lion’s share of protecting an organization, new data shows reliance on more than just security teams is needed.
Continue Reading
Subscribe

Search Our Blog


Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews