The Top Lesson From The Recent Louisiana 2,000-server Ransomware Infection: "User Education, User Education, User Education"

Nov 29, 2019 11:57:37 AM By Stu Sjouwerman

Louisiana suffered a ransomware attack last week that took down more than two thousand of the state’s computers and servers. The ransomware apparently entered the network after a user ...

Google Sent 12K Nation-State Phishing Warnings In Three Months

Nov 27, 2019 6:54:24 AM By Stu Sjouwerman

Google's Threat Analysis Group (TAG) delivered thousands of alerts of government-backed attempts to spearphish gmail users over just a three-month period earlier this year, they reported.

Phishing Simulations Should be Educational, not Punitive

Nov 25, 2019 10:46:55 AM By Stu Sjouwerman

Phishing training programs need to be focused on educating employees rather than on shaming them, according to David Spark and Allan Alford, co-hosts of the Defense in Depth podcast. On ...

Waterloo Brewing loses $2.1 million in social engineering cyberattack

Nov 22, 2019 1:56:38 PM By Stu Sjouwerman

Waterloo Brewing Ltd. says it has lost $2.1 million in what it calls a social engineering cyberattack. The Ontario brewery says the incident occurred in early November and involved the ...

[Heads-up. This Is Ugly] After Refusing The Maze Ransomware Payment, Their Stolen Data Was Leaked

Nov 22, 2019 6:47:54 AM By Stu Sjouwerman

After a deadline was missed for receiving a ransom payment, the group behind Maze Ransomware has published almost 700 MB worth of data and files stolen from a security staffing firm. Our ...

A massive international email scam netted $3 million worth of top-secret US military equipment

Nov 21, 2019 6:42:43 AM By Stu Sjouwerman

In a recent case first reported by Quartz, a crew of international cyber criminals allegedly convinced an unidentified US defense contractor to send them millions of dollars worth of ...

It's Happening The World Over: $300K Lost To Phone Scammer

Nov 21, 2019 5:51:23 AM By Stu Sjouwerman

A woman in Singapore lost $300,000 to a scammer posing as a Singtel customer service employee, according to the Straits Times. The scammer told the victim he would fix some problems with ...

An Australian Watering Hole (but in Canberra, not the Outback)

Nov 20, 2019 7:12:14 AM By Stu Sjouwerman

The Australian Federal Parliament suffered a malware infection earlier this year after some users fell victim to a watering hole attack, the Australian Broadcasting Corporation (ABC) ...

Cybercriminal Gang, Silent Starling, Creates New ‘Vendor Email Compromise’ Category

Nov 19, 2019 2:38:04 PM By Stu Sjouwerman

New attacks focus on organizations with global supply chains looking to trick a supplier’s customers into paying fake invoices and have already impacted 500 organizations worldwide.

Malware Delivered Via Fake Browser Updates Are Back and are More Sophisticated Than Ever

Nov 19, 2019 2:34:30 PM By Stu Sjouwerman

Leveraging vulnerable website content management platforms, these attacks seek to trick users into installing malware under the guise that their web browser is out-of-date.

Now HERE is an interesting Phishing Campaign!

Nov 19, 2019 8:51:01 AM By Stu Sjouwerman

It's a phishing campaign against phishing campaigns! :-D It's a public service program that educates organizations and societies globally on the greatest cyber risk of all - the falsehood ...

Ransomware Attack Hits Louisiana State Servers

Nov 19, 2019 8:43:15 AM By Stu Sjouwerman

Louisiana Governor John Bel Edwards on Monday revealed that a ransomware attack hit state servers, prompting a response from the state’s cyber-security team. The incident appears to have ...

A Look at Election Influence And Social Engineering

Nov 19, 2019 8:37:51 AM By Stu Sjouwerman

Attempts to influence elections are by no means new, but highly targeted online advertising requires people to think about social engineering in the form of political messaging in a new ...

Real Estate Scams Have Gone Global. Bad Guys Caused Tens of Thousands of Dollars Damage Down Under

Nov 18, 2019 3:32:04 PM By Stu Sjouwerman

Scammers hijacked a total of $70,000 by imitating an Australian settlement agent’s email address, and then tricking two property buyers into sending the money to the wrong account, Perth ...

[Heads-Up] Scam Of The Week: Thousands Of Hacked Disney+ Accounts Are Already For Sale On Criminal Sites

Nov 18, 2019 7:00:00 AM By Stu Sjouwerman

Apart from me, guess who has been anticipating the Disney+ channel?

A Majority of Organizations Experience Breaches Despite a Majority Saying They Are Prepared to Defend Against Them

Nov 18, 2019 7:00:00 AM By Stu Sjouwerman

The mismatch of signals by IT organizations shows a potential overestimation on IT’s part about its ability to prevent and protect against new cyberthreats.

[Heads Up] This New, Unusual Ransomware Strain Goes Exclusively After Servers

Nov 12, 2019 11:52:31 AM By Stu Sjouwerman

Danny Palmer at ZDnet alerted on the following: "An unconventional form of ransomware is being deployed in targeted attacks against enterprise servers – and it appears to have links to ...

TrickBot Malware Uses Highly Personalized Fake Sexual Harassment Complaints as Phishing Bait

Nov 12, 2019 7:00:00 AM By Stu Sjouwerman

Fake sexual harassment complaints appearing to come from the U.S. Equal Employment Opportunity Commission (EEOC) are the latest baits used by attackers to disseminate TrickBot banking ...

People Need to Work Together to Spot Con Artists

Nov 12, 2019 6:53:06 AM By Stu Sjouwerman

It might not be possible to resist a good con artist, according to award-winning author, journalist, and champion poker player Maria Konnikova. On the CyberWire’s Hacking Humans podcast, ...

Phishing Resistance for Charities

Nov 11, 2019 2:19:55 PM By Stu Sjouwerman

81% of charities say they’ve been targeted by a phishing attack this year, according to Ed Macnair, writing for UK Fundraising. Meanwhile, only 37% of charities think their IT and ...

Security Awareness Training Blog

Social Engineering Blog

View Topics