A New Spear Phishing Attack Uses Compromised Government Servers And DNS

Oct 15, 2017 9:02:54 AM By Stu Sjouwerman

Cisco's Talos malware researchers posted about a highly sophisticated, targeted spear phishing attack using malicious Word attachments, spoofed to look like it was from the U.S. ...

Third Quarter 2017 Top-Clicked Phishing Email Subjects [INFOGRAPHIC]

Oct 11, 2017 5:16:00 PM By Stu Sjouwerman

KnowBe4 customers run millions of phishing tests per year, and we report quarterly on the latest top-clicked phishing email subjects in 3 separate categories: subjects related to social ...

A Phishing Attack in the Clouds May Rain On Your Parade

Sep 1, 2017 5:02:27 PM By Stu Sjouwerman

According to MeriTalk, an editorial and events organization that focuses on Federal IT and government computing technologies, governments are moving some, or all of their IT to the Cloud, ...

New Defray Ransomware Demands $5,000 In Customized Spear Phishing Attacks

Aug 26, 2017 10:42:45 AM By Stu Sjouwerman

This newly discovered ransomware strain is targeting healthcare, education, manufacturing and tech sectors in the US and UK, using customized spear phishing emails. Defray is demanding a ...

Ukrainian Coder May Be First Potential Witness of DNC Phishing Attack

Aug 17, 2017 4:53:23 PM By Stu Sjouwerman

A lengthy and fascinating article in the New York Times by Andrew E. Kramer and Andrew Higgens on August 16, 2017 reported that a Ukranian coder known to his friends on the “dark web” as ...

This Is A First: Spear Phishing Attack Uses Compromised PowerPoint Slide Deck

Aug 15, 2017 9:36:32 AM By Stu Sjouwerman

Bad guys are exploiting the CVE-2017-0199 vulnerability to bypass endpoint security software and deliver the Remcos remote access Trojan via Microsoft PowerPoint decks. This particular ...

APT28 Uses Spear Phishing and NSA EternalBlue Exploit To Attack Hotel Wi-Fi

Aug 13, 2017 10:28:43 AM By Stu Sjouwerman

Russian APT28 (aka the Fancy Bear hacking group) is harnessing EternalBlue; NSA's Windows SMB exploit which made the WannaCry ransomware and Petya so effective — and are using it to ...

Top White House officials fall for prankster social engineering tricks

Aug 10, 2017 7:25:48 AM By Stu Sjouwerman

A UK-based email prankster used social engineering tactics to fool several top White House officials into responding to his messages, including the Trump administration’s cybersecurity ...

Second Quarter 2017 Top-Clicked Phishing Email Subjects [INFOGRAPHIC]

Jul 14, 2017 5:33:06 PM By Stu Sjouwerman

KnowBe4 customers run millions of phishing tests per year, and we report at least quarterly on the latest top-clicked phishing email subjects so our customers know what the highest-risk ...

Netflix, ABC Hacker Promises More Phishing: "Hollywood Is Under Attack"

Jun 7, 2017 7:29:36 AM By Stu Sjouwerman

The Hollywood Reporter (THR) talked directly to TheDarkOverlord hacking collective that claims to have studio films. They said: "We're in the business of earning vast amounts of internet ...

Top Secret NSA Doc Shows Russians Spear-Phishing Election Officials

Jun 6, 2017 8:00:18 AM By Stu Sjouwerman

The Intercept reported that the GRU (Russian Military Intelligence, the FSB's counterpart) executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing ...

The New Ransom Target: Entertainment Files. Who Is The Next Phishing Victim?

May 21, 2017 7:18:35 AM By Stu Sjouwerman

Remember the James Bond movie Goldfinger? It was based on Ian Fleming's seventh novel, which first featured the timeless quote: "Once is happenstance, twice is coincidence, the third time ...

Facebook and Google Were Victims of 100 Million-Dollar Phishing Scam

Apr 29, 2017 10:52:22 AM By Stu Sjouwerman

We have been reporting on this massive Cyberheist for a while now, but Fortune Magazine decided to unleash their investigative reporters and find out exactly who those two mysterious ...

A Single Spear Phishing Click Caused The Yahoo Data Breach

Mar 18, 2017 10:51:01 AM By Stu Sjouwerman

A single click was all it took to launch one of the biggest data breaches ever. One mistaken click. That's all it took for a Canadian hacker aligned with rogue Russian FSB spies to gain ...

Verizon Wanted A 925 Million Discount Because Of Yahoo Hacking. CEO Mayer gets 23 Million Parachute

Mar 14, 2017 7:47:12 AM By Stu Sjouwerman

A newly filed Schedule A proxy statement at the Securities and Exchange Commission shows that Verizon requested a discount of 925 million dollar off the original 4.83 billion purchase ...

SEC Phishing Emails Target Execs For Inside Info

Mar 11, 2017 3:07:06 PM By Stu Sjouwerman

A sophisticated phishing attack is trying to get confidential corporate information. Bad guys are sending spoofed emails claiming to be from the Security and Exchange Commission, and ...

VISA warns for Flokibot Spear Phishing Infections

Mar 1, 2017 2:31:10 PM By Stu Sjouwerman

VISA warned all its merchants that multiple infosec firms reported on the emerging threat of a new malware variant identified as “Flokibot.”

Bad News: Your Antivirus Detection Rates Have Dramatically Declined In 12 Months

Jan 15, 2017 9:05:58 AM By Stu Sjouwerman

We all had the nagging suspicion that antivirus is not cutting it anymore, but the following numbers confirm your intuition. I have not seen more powerful ammo for IT security budget to ...

Russian Breach US Grid? Nah, Someone Fell For Social Engineering And Enabled Macros

Dec 31, 2016 10:38:19 AM By Stu Sjouwerman

Breathlessly, the Washington Post reports that the Russian Grizzly Steppe malware was found within the system of a Vermont power utility. Nah, they just dodged a bullet. This time someone ...

AI-powered ransomware is coming, and it's going to be terrifying

Oct 12, 2016 8:09:30 AM By Stu Sjouwerman

Business Insider started an article with the following: "Imagine you've got a meeting with a client, and shortly before you leave, they send you over a confirmation and a map with ...

Security Awareness Training Blog

Spear Phishing Blog

View Topics