Social Engineering Heaven: Combine AshMad Hack With OPM Data

Sep 5, 2015 10:52:00 AM By Stu Sjouwerman

The Office of Personnel Management has just closed a 133 million dollar contract to protect 21.5 million OPM data breach victims for three years. Wow, "Barn, Horse" anyone? This is an ...

Off With Their Heads! Execs get the ax for data breaches

Aug 19, 2015 5:28:00 PM By Stu Sjouwerman

Until last year, executives were able to pass the buck to IT in case a data breach hit the organization. However, several recent high-profile resignations are now putting the focus on ...

IT Confessions: The Deadly Six Sins Of Data Security

Aug 15, 2015 10:26:00 AM By Stu Sjouwerman

Massive hacks continue to fill the front page of major media outlets. The recent hack of the Federal Office of Personnel Management (OPM) by Chinese state-sponsored hackers again showed ...

Leaked NSA slides: Chinese hackers wreaking havoc on USA

Aug 2, 2015 9:24:00 AM By Stu Sjouwerman

I have been talking for years at this blog about the Chinese hacking into the U.S. for mainly espionage, using highly sophisticated social engineering and spear-phishing attacks. This ...

AshleyMadison: Second Nightmare Phishing Problem

Jul 20, 2015 8:06:00 AM By Stu Sjouwerman

8/19/2015 UPDATE: Yesterday the full 10 Gigabyte database was released on the Internet, with all records including confidential files related to the company itself. People that registered ...

Blackhat 2015 Survey: End-User Wins Easily As IT's Big Worry

Jul 17, 2015 3:50:00 PM By Stu Sjouwerman

According to the 2015 Black Hat Attendee Survey, nearly three quarters (73 percent) of top security professionals think it likely that their organizations will be hit with a major data ...

U.K.-hedge fund loses a million dollars in social engineering attack

Jul 13, 2015 1:42:06 PM By Stu Sjouwerman

A British hedgefund lost more than a million dollars in a social engineering attack on their Chief Financial Officer Thomas Meston, and there is an expensive court case going on because ...

Scam Of The Week: Internet Capacity Warning

Jul 12, 2015 10:58:00 AM By Stu Sjouwerman

OK, so here is the latest scam of the week, possibly fueled by the recent news that we have run out of IPv4 addresses in the U.S. Employees receive an email which claims to be from the ...

A New, Innovative Ransomware Attack Spreads Using Google Drive

Jul 10, 2015 8:56:00 AM By Stu Sjouwerman

An Eastern European cybercrime gang has started a new TorrentLocker ransomware campaign where whole websites of energy companies, government organizations and large enterprises are being ...

Spear Phishing Attack Results In $5.3 Million Bitcoin Cyberheist

Jul 9, 2015 2:20:00 PM By Stu Sjouwerman

"Newly leaked, confidential documents have revealed details into a cyberattack aimed at Bitstamp, a company that fundamentally deals as a cryptocurrency trader, according to a report in ...

OPM Phishing Attack: "Your Data Was Hacked, How To Protect Yourself"

Jul 3, 2015 10:24:04 AM By Stu Sjouwerman

And yes, as we predicted, there are now phishing attacks that mimic Office of Personnel Management (OPM) data breach notifications. The breach has expanded to millions more records. It ...

The Seven Deadly Social Engineering Vices Updated

Jun 17, 2015 12:09:00 PM By Stu Sjouwerman

You may not be aware that there is a scale of seven deadly vices connected to social engineering (SE). The deadliest SE attacks are the ones that have the highest success rates, often ...

Annoying New Ransomware Attack Uses Girl Resumes

Jun 12, 2015 4:22:00 PM By Stu Sjouwerman

The SANS InfoSec Forums noted that since Monday May 25th a new version of CryptoWall 3.0 ransomware started, using both malicious spam and the Angler exploit kit (EK). The attack wave has ...

Some Interesting Security Awareness Computer-Based Training Numbers

May 30, 2015 9:37:00 AM By Stu Sjouwerman

You may know Gartner, the 800-pound gorilla in the IT Analyst space. When a market is mature enough they create their so-called Magic Quadrant (MQ) with the leading vendors in that ...

Adult Friend Finder Hack Is Nightmare Phishing Problem

May 23, 2015 10:21:00 AM By Stu Sjouwerman

Guys, we have a real phishing problem with this Adult Friend Finder (AFF) hack. This particular adult site is one of the most heavily-trafficked websites in the U.S. and has 40 million ...

Tesla Attack Caused By Social Engineering

Apr 29, 2015 10:28:23 AM By Stu Sjouwerman

A few days ago, you may have read the news that Tesla Motors had their website and Twitter accounts hijacked by pranksters. OpenDNS has a blog post that goes into great technical detail.

So, What Is The Real Reason The White House Got Hacked?

Apr 11, 2015 9:58:00 AM By Stu Sjouwerman

According to a new CyberEdge research survey of 19 sectors, including government, spearphishing is the biggest concern to IT security pros, more worrisome than even malware. And only 20 ...

New Ransomware CrypVault Makes Files Look Like They Are Quarantined

Apr 8, 2015 11:38:00 AM By Stu Sjouwerman

New Ransomware CrypVault Evades AV With Simple Batch Scripts A new ransomware strain dubbed CRYPVAULT by Trend Micro is being spread as an email attachment. It's currently focusing on ...

KnowBe4 Offers White House Free Security Awareness Training

Apr 8, 2015 7:47:00 AM By Stu Sjouwerman

April 7, 2015 - CNN reported that The White House said it noticed suspicious activity in the unclassified network that serves the executive office of the president. The KnowBe4 Blog ...

Facebook sends simulated phishing attacks to their employees

Apr 7, 2015 1:31:00 PM By Stu Sjouwerman

Fortune reported: "Each fall, Facebook hosts an event called Hacktober in which its security experts attempt to trick employees into falling for common hacking tricks such as phishing ...

Security Awareness Training Blog

Social Engineering Blog

View Topics