F-Secure Cautions about Fresh Olympic-themed Spam

Jun 4, 2012 7:31:17 AM By Stu Sjouwerman

F-Secure the security company based in Finland has recently cautioned that spam mails themed on the Olympics are targeting Internauts while carrying web-links to one malevolent PDF file ...

Fake LinkedIn Emails To Reset Your Password

Jun 4, 2012 7:26:56 AM By Stu Sjouwerman

Since LinkedIn had their IPO, they have been in the news a lot more, even if only to compare them with the recent Facebook IPO Debacle. But the better known you are, the bigger target you ...

Malicious PowerPoint File Contains Exploit, Drops Backdoor

Jun 4, 2012 6:24:38 AM By Stu Sjouwerman

TrendLabs discovered a malicious MS PowerPoint document that arrives attached to email messages. The file contains an embedded Flash file, which exploits a software bug found in specific ...

Chinese hacker brings grief to Calgarys Catholic school system

May 29, 2012 4:01:09 AM By Stu Sjouwerman

Hackers will find any mail server that is not protected and/or configured correctly and use it to send out as much spam as possible. This gets the unsuspecting organization blacklisted ...

VIDEO The Top 5 Online Security Traps And How To Avoid Them

May 24, 2012 3:38:50 AM By Stu Sjouwerman

GFI is one of the few antivirus vendors that understands the importance of prevention and end-user training. They produced this useful video that in two minutes illustrates the top 5 ...

Gmail Security Hole Allows Hackers To Automate Social Engineering Trick

May 23, 2012 5:03:39 AM By Stu Sjouwerman

Christopher Mims over at Technology Review was the first one to report on this. A large Gmail security hole could lead to mass harvesting of accounts, as hackers can automate this social ...

Fake Facebook Account Cancelation Requests Lead to Malware

May 22, 2012 9:57:14 AM By Stu Sjouwerman

Softpedia reported: "A shady-looking email, apparently originating from Facebook, has been seen in inboxes, informing users that the social media network has received an account ...

Hackers Target the Weakest Link: The End User

May 22, 2012 6:03:59 AM By Stu Sjouwerman

I was interviewed by Jeremy Quittner yesterday. Here is how he started his article in American Banker today: "It took Stu Sjouwerman, the founder and chief executive of security firm ...

Guessable Passwords: The Unpatchable Exploit

May 21, 2012 6:46:16 AM By Stu Sjouwerman

Monday morning, I found a tweet by @INFOSECSchool with the above title. I admit, it's a catchy phrase and sure enough, IF you allow easy passwords, it's an invitation to get hacked. This ...

Fake Amex ID Verification

May 21, 2012 6:11:47 AM By Stu Sjouwerman

[caption id="" align="alignleft" width="260" caption="Fake Amex ID Verification"][/caption] OK, here is another one to warn everyone about, especially the employees that have a ...

Russia's most effective cybercriminals

May 16, 2012 10:53:39 AM By Stu Sjouwerman

Rod Rasmussen over at SecurityWeek has a really interesting article about a Russian cyber gang driving a massive wave of fraud: "Tucked away in a small town outside Moscow, Russia one of ...

Gartner considers security awareness training an essential tool for all companies

May 12, 2012 8:34:07 AM By Stu Sjouwerman

Linda Musthaler, at NetworkWorld just wrote an excellent article about training workers to be cyber safe. One paragraph was especially noteworthy: “In 2012 we’re already seeing a sharp ...

I am a malware coder and botnet operator

May 11, 2012 3:20:23 AM By Stu Sjouwerman

This is a discussion on Reddit, where a (presumably Polish) malware coder and botnet operator very candidly answers questions from people. This is a fascinating but rather technical read, ...

News - FBI warns against malware installed via hotel networks

May 9, 2012 3:59:59 AM By Stu Sjouwerman

The Internet Crime Complaint Center had this 'Intelligence Note': "Recent analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travelers ...

The Average Cyberespionage Attack Goes On For 416 Days

May 6, 2012 3:03:48 AM By Stu Sjouwerman

WIRED Mag has a great article by Kim Zetter. It boils down to the fact that high-level hackers are able to get and stay in your network. And even if you are able to kick them out, they ...

Symantec Report Says User Behavior is Root of Most Breaches

May 4, 2012 8:51:55 AM By Stu Sjouwerman

Tracy Kitten over at BankInfoSecurity spotted something interesting in Symantec's recent Internet Security Threat Report. This is the upshot: "Which Internet security threats pose the ...

$1,000 Walmart Gift Card Scam Inflates Your Phone Bill

May 4, 2012 3:04:56 AM By Stu Sjouwerman

We have seen crooked Walmart gift card offers before, but now and then I run across one that's craftier than earlier versions. And as usual, you do not get the gift card, but a high dose ...

Proof: Antivirus Only Defends Against Low-skilled Attackers

May 3, 2012 4:40:59 AM By Stu Sjouwerman

The SANS Computer Forensics and Incident Response team built a real-life network for their students so they could learn how to hack into the network. They put McAfee enterprise endpoint ...

Bogus PayPal payment alert causes malware infection

May 2, 2012 3:12:03 AM By Stu Sjouwerman

Gary Warner just reported: "A new malicious spam campaign has just launched this morning targeting Paypal users. This malware campaign attempts to "social engineer" users into clicking a ...

Cybercrime uses hidden file extensions to trick users

May 2, 2012 3:00:26 AM By Stu Sjouwerman

Symantec contributor Fred Gutierrez shows clearly in this blog post why it can be deadly to click on a .JPG file: "Cybercriminals have continuously evolved their methods throughout the ...

Security Awareness Training Blog

Social Engineering Blog

View Topics