Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

FBI Alert: Ransomware Infection Leads To Wire Transfer Fraud

Jan 24, 2015 4:05:00 PM By Stu Sjouwerman
OK, Heads-up! Here is the deal. The FBI and the Internet Crime Complaint Center (IC3) two days ago warned about a new version of a man-in-the-middle scam that targets your CEO, CTO, CFO, ...
Continue Reading

Defense In Depth: Your Answer To Social Engineering

Dec 31, 2014 1:04:36 PM By Stu Sjouwerman
Organizations defend their networks on each of the six levels in the green graph you see. End-user Internet Security Awareness Training resides in the outer layer: ‘Policies, Procedures, ...
Continue Reading

New ransomware called "extortionware" in 2015? Not so much...

Dec 30, 2014 4:17:00 PM By Stu Sjouwerman
TK Keanini, CTO, Lancope wrote a 2015 Predictions editorial over at SC Magazine. He said he expects more malware like CryptoLocker and CryptoWall over the next 12 months, but also ...
Continue Reading

A new strain of "ransomware" is striking

Dec 30, 2014 3:02:49 PM By Stu Sjouwerman
Mitch Lipka of CBS Moneywatch wrote:
Continue Reading

Scam of The Week: LinkedIn Greeting Cards Carrying Malware

Dec 22, 2014 4:37:00 PM By Stu Sjouwerman
System admins hold the keys to the kingdom. The NSA is actively hunting for system admin credentials. A popular way to get you to click on something that installs zero-day malware on your ...
Continue Reading

Malware Used To Wipe Sony's Drives Was Quick And Dirty

Dec 22, 2014 9:44:20 AM By Stu Sjouwerman
It's still not clear (and it may never be discovered) how the Democratic People's Republic of (North) Korea (DPRK) hackers came in, perhaps they used all available threat vectors since ...
Continue Reading

Hackers Spear-phish ICANN And Compromise DNS Zone System

Dec 18, 2014 3:58:00 AM By Stu Sjouwerman
It does not get any worse than this. Or better than this, if you are a criminal hacker. Domain-name management organization ICANN announced it has been hacked and its DNS zone ...
Continue Reading

New Ransomware called KEYHolder from CryptorBit Cybergang

Dec 16, 2014 3:04:08 PM By Stu Sjouwerman
Bleeping Computer had the scoop again: " A new ransomware has been released called KEYHolder that is from the same developers of CryptorBit . Like CryptorBit, this infection encrypts your ...
Continue Reading

Breaking News 2 New Ransomware Strains

Dec 15, 2014 9:31:00 AM By Stu Sjouwerman
#1 OphionLocker The first one is a new strain of ransomware named OphionLocker. It encrypts your data using strong open source Crypto++ Elliptical Curve Cryptography and then ransoms the ...
Continue Reading

Experts: The Human Factor Key Challenge To Information Security

Dec 13, 2014 1:18:29 PM By Stu Sjouwerman
The lack of awareness and understanding of risks is one of the biggest challenges to information security, according to a panel of experts. Research showed that 93% of data breaches ...
Continue Reading

Ransomware Beats APT In Terms Of Severe Impact

Dec 13, 2014 12:37:00 PM By Stu Sjouwerman
MalwareBytes Research showed that in the year 2014, 82% of companies were attacked online. Their research also showed that browser vulnerabilities will be the biggest challenge going ...
Continue Reading

Phishing Lessons Learned in 2014? Employee Training Matters

Dec 6, 2014 11:33:51 AM By Stu Sjouwerman
Our friends at Wombat created a good summary why security awareness training is a must these days. Why?
Continue Reading

Top 10 InfoSec Pain Points

Dec 6, 2014 11:07:00 AM By Stu Sjouwerman
Continue Reading

Savvy Hackers Use Spearphishing to steal Wall Street M&A info

Dec 1, 2014 8:02:00 PM By Stu Sjouwerman
What if you knew beforehand about mergers and acquisitions, and could trade with that inside information? Well that's been going on for more than a year.
Continue Reading

Homeland Security: Security Education Deterred Cybercrime

Nov 26, 2014 12:56:00 PM By Stu Sjouwerman
Homeland Security Today has a good article which explains that cybersecurity education, including employee training and awareness programs, is vital in deterring cybercrime. The ...
Continue Reading

Software Support Cybercrime Scam

Nov 22, 2014 9:27:00 AM By Stu Sjouwerman
This week the FTC shut down a $120M tech support scam that consumer software buyers should be aware of. Two telemarketing firms were at the center of this FTC investigation, but there are ...
Continue Reading

STATE DEPT COMPUTERS HACKED, EMAIL SHUT DOWN

Nov 17, 2014 9:33:00 AM By Stu Sjouwerman
Associated Press just reported that the State Department has taken the unprecedented step of shutting down its entire unclassified email system as technicians repair possible damage from ...
Continue Reading

New Flavor of Ransomware Is More User Friendly

Nov 15, 2014 2:48:00 PM By Stu Sjouwerman
It's been more than a year since the first vicious ransomware stuck up its ugly head.
Continue Reading

SCAM of the Week: Free Pizza Delivers Malware

Nov 8, 2014 11:08:00 AM By Stu Sjouwerman
There is a current, active cybercrime campaign going, using the tempting lure of free pizza, researchers at Cloudmark warned. They spotted new spam emails claiming to be a campaign from ...
Continue Reading

PCI Publishes Guidance On Security Awareness Training

Nov 1, 2014 11:46:00 AM By Stu Sjouwerman
The Payment Card Industry Council thinks Security Awareness Training is so important that they just published a 25-page guidance paper that fully explains the why, how and what of ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews