Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

Savvy Hackers Use Spearphishing to steal Wall Street M&A info

What if you knew beforehand about mergers and acquisitions, and could trade with that inside information? Well that's been going on for more than a year.
Continue Reading

STATE DEPT COMPUTERS HACKED, EMAIL SHUT DOWN

Associated Press just reported that the State Department has taken the unprecedented step of shutting down its entire unclassified email system as technicians repair possible damage from ...
Continue Reading

New Flavor of Ransomware Is More User Friendly

It's been more than a year since the first vicious ransomware stuck up its ugly head.
Continue Reading

Small business thinks workers are weak cybersecurity link

The poll was conducted by Spiceworks Voice of IT on behalf of CloudEntr in September. The study collected 438 surveys from IT professionals at companies with 20 to 499 employees in ...
Continue Reading

Home Depot Hackers Also Steal 53 Million Email Addresses

As if it wasn't bad enough to lose 56 million credit card accounts, now Home Depot has to admit it also lost 53 million email addresses. This gives the bad guys a fabulous opportunity to ...
Continue Reading

Symantec: Crypto Ransomware Phishing Up 700 Percent in 2014

Very interesting data from Symantec. This is fresh from the press and shows Phishing, Spam and Malware trends. There is a PDF with a whole bunch more data, but these are the most relevant ...
Continue Reading

Cyber Criminals Use AEA-256 Crypto To Obfuscate Phishing Sites

The Register said: "Well, at least someone listened to Snowden about privacy... Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of ...
Continue Reading

KnowBe4's Email Exposure Check Discovers Data Breach

You are probably aware of the free one-time Email Exposure Check Pro (EEC Pro) we can run for you. We find all the email addresses of your domain that are out there available on the ...
Continue Reading

Phishing: 4.5 million Community Health patients records stolen

n">(Reuters) - Community Health Systems Inc, one of the biggest U.S. hospital groups, said it was the victim of a cyber attack that originated in China, resulting in the theft of ...
Continue Reading

Tenn. Firm Sues Bank Over $327K Cyberheist

Continue Reading

Scam Of The Week: See Robin Williams Last Words On Video

Last night, news broke that Robin Williams was found dead in his home in Marin County, CA. It is suspected that it was either a suicide or an overdose. This is a celebrity death that the ...
Continue Reading

Phishing Scam Of The Week: Free World Cup Trip To Brazil

The 2014 FIFA World Cup football (soccer) has kicked off this week, and so have phishing campaigns trying to trick you into scams for free tickets, realtime news and online streaming of ...
Continue Reading

CryptoLocker Clone Serves Up Energy Bill Spam Campaign

And here's another ransomware wannabe that has ripped off the CryptoLocker brand but is something totally different. A recent spam campaign sending out emails masquerading as an ...
Continue Reading

CryptoLocker Goes SpearPhishing

You may be familiar with a site called Spiceworks. They have free system admin and network management software, and their business model is advertising to the hundreds of thousands that ...
Continue Reading

Microsoft to XP You Are Dead To Us

Microsoft to XP: "You Are Dead To Us". This week, Redmond reminded all of us still running XP that we would not receive security updates on Patch Tuesday or any future patches of any kind.
Continue Reading

Phishing Attacks Work Best On Wednesday, Coming From IT

I had a look at the recent Mandiant M-Trends report. Interesting stuff. They observed that employees seem to fall for hacking tricks mostly on Wednesdays, and are most likely to click on ...
Continue Reading

ALERT - CryptoLocker Has A Competitor That Is Worse: CryptoDefense

As we said before, there is furious competition between cybergangs. Late February 2014 a copycat ransomware competitor to Cryptolocker was released which outdoes CryptoLocker. The malware ...
Continue Reading

Attacks Give Lift to Cyber Insurance

Today in the Wall Street Journal, reporter Leslie Scism quoted Bloomberg News that "Target's data breach 'was the equivalent of 10 free Super Bowl ads."
Continue Reading

Hackers hit Monster Jobs users with Gameover Zeus malware

Companies that are recruiting new employees are being targeted through Monster Jobs. The bad guys are using malware called Gameover Zeus, security firm F-secure reported in a blog post ...
Continue Reading

Target Breach: Where The Weak Points Were

Dave Kearns posted March 18 that he's been fascinated by the information that keeps coming out of the Taget Stores data breach. He's got a great analysis, and he ends off with words that ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews