Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

Scam of The Week: LinkedIn Greeting Cards Carrying Malware

System admins hold the keys to the kingdom. The NSA is actively hunting for system admin credentials. A popular way to get you to click on something that installs zero-day malware on your ...

Malware Used To Wipe Sony's Drives Was Quick And Dirty

It's still not clear (and it may never be discovered) how the Democratic People's Republic of (North) Korea (DPRK) hackers came in; perhaps they used all available threat vectors since ...

Hackers Spear-phish ICANN And Compromise DNS Zone System

It does not get any worse than this. Or better than this, if you are a criminal hacker. Domain-name management organization ICANN announced it has been hacked and its DNS zone ...

New Ransomware called KEYHolder from CryptorBit Cybergang

Bleeping Computer had the scoop again: "A new ransomware has been released called KEYHolder that is from the same developers of CryptorBit. Like CryptorBit, this infection encrypts your ...

Breaking News: 2 New Ransomware Strains

#1 OphionLocker: The first one is a new strain of ransomware named OphionLocker. It encrypts your data using strong open source Crypto++ Elliptic Curve Cryptography and then ransoms the ...

Experts: The Human Factor Key Challenge To Information Security

The lack of awareness and understanding of risks is one of the biggest challenges to information security, according to a panel of experts. Research showed that 93% of data breaches ...

Ransomware Beats APT In Terms Of Severe Impact

Malwarebytes research showed that in the year 2014, 82% of companies were attacked online. Their research also showed that browser vulnerabilities will be the biggest challenge going ...

Phishing Lessons Learned in 2014? Employee Training Matters

Our friends at Wombat created a good summary of why security awareness training is a must these days. Why?

Top 10 InfoSec Pain Points


Savvy Hackers Use Spearphishing to steal Wall Street M&A info

What if you knew beforehand about mergers and acquisitions, and could trade with that inside information? Well that's been going on for more than a year.

Homeland Security: Security Education Deterred Cybercrime

Homeland Security Today has a good article which explains that cybersecurity education, including employee training and awareness programs, is vital in deterring cybercrime. The ...

Software Support Cybercrime Scam

This week the FTC shut down a $120M tech support scam that consumer software buyers should be aware of. Two telemarketing firms were at the center of this FTC investigation, but there are ...

STATE DEPT COMPUTERS HACKED, EMAIL SHUT DOWN

Associated Press just reported that the State Department has taken the unprecedented step of shutting down its entire unclassified email system as technicians repair possible damage from ...

New Flavor of Ransomware Is More User Friendly

It's been more than a year since the first vicious ransomware stuck up its ugly head.

SCAM of the Week: Free Pizza Delivers Malware

There is a current, active cybercrime campaign going, using the tempting lure of free pizza, researchers at Cloudmark warned. They spotted new spam emails claiming to be a campaign from ...

PCI Publishes Guidance On Security Awareness Training

The Payment Card Industry Council thinks Security Awareness Training is so important that they just published a 25-page guidance paper that fully explains the why, how and what of ...

Scam Of The Week: Ebola Phishing Grows In Volume

I have been warning here before that Ebola phishing attacks would be more and more prevalent, as a result of the mass-media spending increasing amounts of time covering this threat.

Poll: Employees Clueless About Social Engineering

Fresh from Dark Reading: "When it comes to social engineering, Pogo, the central character of a long-running American comic strip, said it best. 'We have met the enemy and he is us.'"

New Android Ransomware Strain Locks The Device Twice

Researchers in Russia discovered a new Android ransomware strain which does not lock the device just once but twice. It spreads by using a social engineering trick, disguising itself as a ...

Home Depot, Target Breaches Exploited Old WinXP Flaw

The massive security breaches and theft of credit card information at The Home Depot and Target have something in common. They were both allowed by a vulnerability in XP Embedded that was ...
