Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Your AntiVirus Does Not See NSA's Botnet

Nov 23, 2013 12:03:00 PM By Stu Sjouwerman
The revelations are getting wilder by the week. The NSA has its own botnet, they infected more than 50,000 computer networks worldwide with malicious software designed to steal sensitive ...
Continue Reading

Why you shouldn’t connect to just any free Wi-Fi

Nov 21, 2013 11:50:00 AM By Stu Sjouwerman
Our friends at MalwareBytes put up a great blog post that explains in detail why you should not just connect to any free Wi-Fi. The risk is that you will connect to a hostile Wi-Fi access ...
Continue Reading

Edward Snowden Used Social Engineering To Hack NSA

Nov 18, 2013 10:21:00 AM By Stu Sjouwerman
Ex-NSA contractor Edward Snowden used user names and passwords that colleagues at a spy base in Hawaii gave him to access some of the classified material he exfiltrated. Around 20-25 ...
Continue Reading

A Serious Legal Liability: Bad or No Security Awareness Training

Oct 28, 2013 7:45:00 AM By Stu Sjouwerman
Please read this article and then forward it to the head of your legal department or the person in your organization who is responsible for compliance. Recently, the Department of Health ...
Continue Reading

Spear phishing alert: Hong Kong Monetary Authority Invoice

Oct 12, 2013 9:23:00 AM By Stu Sjouwerman
Experts warn that cybercriminals are using fake Hong Kong Monetary Authority invoices to distribute a piece of malware. The emails are entitled “Invoice #3404196 – Remit File” and they ...
Continue Reading

More Likely to Fall for a Phishing Scam If You’re a Neurotic Woman?

Oct 7, 2013 9:48:00 AM By Stu Sjouwerman
Softpedia published an article I have a problem with. There is so much wrong with this that I don't even know where to start. They started out with:
Continue Reading

Inside The Adobe Databreach Disaster

Oct 7, 2013 9:21:00 AM By Stu Sjouwerman
Last week Adobe announced probably the worst news ever for a tech company. Both their source code and customer lists had been stolen. EPIC FAIL!
Continue Reading

Your Employees' Identity -Has- Been Stolen

Sep 30, 2013 9:21:00 AM By Stu Sjouwerman
There is the expression that there are two kinds of companies. The ones that know they are hacked and the ones that don't. It's safe to assume your network has already been compromised ...
Continue Reading

FBI: “Beta Bot” malware kills your anti-virus and steals data

Sep 20, 2013 2:13:00 PM By Stu Sjouwerman
This week, the FBI sent out a warning that a strain of malware known as "Beta Bot" can turn off your antivirus, stops access to the websites of antivirus vendors so that your antivirus ...
Continue Reading

Is Your Security Awareness Training Program Broken?

Sep 17, 2013 4:39:00 PM By Stu Sjouwerman
Steve Ragan over at CSO Magazine wrote:
Continue Reading

RAPID7 SECURING USER RISK

Sep 17, 2013 3:00:00 PM By Stu Sjouwerman
Rapid7 found 66% of IT professionals conduct user security awareness training to reduce the risk of successful phishing attacks.
Continue Reading

Scam Of The Week: Ransomware Uses Child Porn Threat

Sep 13, 2013 4:44:00 PM By Stu Sjouwerman
Getting caught viewing child porn is a huge deal and instantly makes you an outcast in most western countries. Cybercriminals have cooked up a new way to blackmail people out of their ...
Continue Reading

Scam Of The Week: "U.S. Starts Bombing Syria"

Sep 7, 2013 3:13:00 PM By Stu Sjouwerman
This one is crafty. There is a fake CNN spam being sent with a subject that reads: "The United States began bombing!" in Syria, but clicking on it will likely result in the workstation ...
Continue Reading

Kevin Mitnick Security Awareness Training 2014

Sep 3, 2013 5:57:00 PM By Stu Sjouwerman
Continue Reading

Kevin Mitnick Details Modern IT Threats; spear phishing and more

Sep 2, 2013 12:50:00 PM By Stu Sjouwerman
One of the most infamous hackers of all time talks about Website security and what users should do to protect themselves. In the world of computer security hackers, few are as well-known ...
Continue Reading

Cybercrime Automates Fake ID's For Spear-phishing

Aug 28, 2013 9:39:00 AM By Stu Sjouwerman
Today it was reported through several sources that a new Cybercrime-as-a-Service option is available: creation of fake scanned passports, ID cards, driver's licenses and fake scanned ...
Continue Reading

Are Your Email Addresses On A Russian Phishing Site?

Aug 18, 2013 11:34:00 AM By Stu Sjouwerman
We are finding many U.S. commercial email addresses at the Russianemailsworld.boommer.ru website. It is really a 'staging' area for emails to be posted by the criminal underground. They ...
Continue Reading

Spear-phishing attackers vandalize CNN, TIME and Wash Post

Aug 16, 2013 8:40:00 AM By Stu Sjouwerman
You would think that by now journalists and people in media and advertising would be on the alert for social engineering red flags. But no. Syrian hacktivists sent a spear-phishing attack ...
Continue Reading

Hackers put a bull's-eye on small business

Aug 15, 2013 10:05:00 AM By Stu Sjouwerman
Less than 500 employees? You’ve got a 20 percent chance of being hacked, and if it happens there’s a good chance your business is finished.
Continue Reading

We started trusting bad code from Day One

Aug 11, 2013 2:08:00 PM By Stu Sjouwerman
Vint Cerf – Photo by Charles Haynes
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews