Email-Based Threats Increase 64% as Attacks Grow in Sophistication and Volume

May 12, 2021 8:18:54 AM By Stu Sjouwerman

New data from Mimecast shows how email-based threats are not only the greatest perceived concern, but are proving to be the reason for increased experienced attacks.

Your Organization Needs to Take Security Awareness Training More Seriously

May 11, 2021 4:08:50 PM By Roger Grimes

Your organization needs to take security awareness training (SAT) more seriously. I mean truly serious, really serious, and not relegated to some quasi-, semi-serious status that the vast ...

Huge Business Email Compromise Campaign Targets More Than 120 Organizations

May 11, 2021 12:00:00 PM By Stu Sjouwerman

According to Bleeping Computer, Microsoft reported that a large business email compromise (BEC) campaign has targeted dozens of organizations. The industries targeted varied from real ...

Fake Court Order Used to Take Over Domains

May 11, 2021 9:00:39 AM By Stu Sjouwerman

Motherboard reports that a scammer used a phony court order to trick a domain registrar into giving them control over a domain that posted links to dark web drug markets. The scammer then ...

Cybersecurity Spend Is Now More Than 20% of the Average IT Budget As 91% of Organizations Suffering an Attack had Operations Impacted

May 6, 2021 8:58:25 AM By Stu Sjouwerman

The latest data from the Hiscox Cyber Readiness Report highlights how organizations are experiencing cyber threats and how they are responding to increase their readiness for next time.

Genesis Market: a Study in the C2C Economy

May 5, 2021 8:55:19 AM By Stu Sjouwerman

Researchers at Digital Shadows describe Genesis Market, a criminal-to-criminal marketplace that aggregates and sells digital fingerprints to facilitate cyberattacks. The researchers say ...

U.K. Royal Mail-related Phishing Scams Are Up 645%

Apr 30, 2021 12:25:08 PM By Stu Sjouwerman

New data from CheckPoint highlights how scammers are using simple shipping-related social engineering scams to trick victims into giving up personal information and credit card details.

Ransomware Operators Threaten to Short Victims’ Stocks

Apr 29, 2021 10:33:38 AM By Stu Sjouwerman

The Darkside ransomware operators are now offering to tip off unscrupulous stock traders before they post the names of publicly traded victim companies, the Record reports. The criminals ...

Scammers Target Rogers Customers With SMS Messages

Apr 29, 2021 10:33:17 AM By Stu Sjouwerman

Scammers are targeting Rogers customers with text messages offering $50 refunds, according to BleepingComputer. The Canadian telecommunications provider suffered a widespread outage last ...

Researchers Warn of EtterSilent Facilitating Risky Malware Delivery

Apr 29, 2021 10:25:23 AM By Stu Sjouwerman

Cybercriminals are using a new malicious document builder dubbed “EtterSilent,” according to researchers at Intel 471. The builder is used to craft Microsoft Office documents with macros ...

Phishing Campaign Abuses Contact Forms

Apr 29, 2021 10:00:00 AM By Stu Sjouwerman

Attackers are abusing websites’ contact forms to send malicious emails to the websites’ owners, according to researchers at Microsoft. The emails contain bogus copyright claims with a ...

Cybercriminals Use Job-Specific Social Media Platforms to Target UK Citizens With Fake Accounts

Apr 29, 2021 4:55:00 AM By Stu Sjouwerman

At least 10,000 UK citizens have been targeted by nation-state actors via fake LinkedIn accounts over the past five years, the BBC reports. Ken McCallum, Director-General of MI5, said ...

A Legitimate Charity Prompts Scam Imitators

Apr 28, 2021 8:00:00 AM By Stu Sjouwerman

Scammers are impersonating philanthropist Mackenzie Scott, the billionaire ex-wife of Jeff Bezos, the New York Times reports. Scott prefers to give money directly and contacts charities ...

Currently Popular Social Engineering Tactics

Apr 27, 2021 10:00:27 AM By Stu Sjouwerman

Criminals are exploiting new technology to launch updated versions of old attacks, according to Derek Slater at CSO. George Gerchow, CSO at Sumo Logic, told Slater that threat actors are ...

APT Group Use Voice-Changing Software to Impersonate Women as Part of Espionage Attacks

Apr 9, 2021 8:34:02 AM By Stu Sjouwerman

The middle eastern threat group known as APT-C-23 are targeting male soldiers in the Israel Defense Forces in an attempt to get their victims to download and install malware.

The Inside Man Season 1 Is Now Available on Amazon Prime Video

Apr 5, 2021 9:34:30 AM By Stu Sjouwerman

We're pleased to announce that season one of the award-winning security awareness training series 'The Inside Man' is now available on Amazon Prime.

Office 365 Phishing Kits Are Being Used in a New Attack Targeting Execs and Finance

Apr 2, 2021 10:09:14 AM By Stu Sjouwerman

A new highly-targeted phishing campaign is seeking to compromise the online credentials of those with influence within an organization using an Office 365-themed update attack.

Cybercrime Skyrocketed in the US by 55%

Apr 1, 2021 8:58:39 AM By Stu Sjouwerman

According to data released by StockApps, the annual loss from any type of cybercrime in the US reached $4.2 billion in 2020. This turns into billions of dollars lost, and a 55% increase ...

Ubiquiti Cyber Attack Details Depict a Far More Disastrous Scenario Than Let On

Mar 30, 2021 3:49:36 PM By Stu Sjouwerman

New whistleblower details surrounding the December 2020 attack on the cloud-enabled IoT device manufacturer paints a far worse picture than what was disclosed.

Security Awareness is the Key to Cybersecurity Behavior Change

Mar 26, 2021 1:49:56 PM By Stu Sjouwerman

As organizations seek to find ways to increase the effectiveness of their security stance, many are realizing the value of a cybersecurity-aware employee helping to keep the organization ...