Tag: security awareness training

[Heads Up] Microsoft: Ransomware Gangs That Don’t Threaten To Leak Your Data Steal It Anyway

That means you can from now on count a ransomware infection as a data breach with all the consequences that this brings. Moreover, the so-called “human-operated” ransomware gangs have stepped up their attacks amid the pandemic to maximize their ill-gotten profits. In fact, Redmond also reported that they launched more of the file-encrypting malware on […]

WSJ: “Losing $450,000 in Three Days: Hackers Trick Victims Into Big Wire Transfers”

Rachel Louise Ensign wrote a great story for the WSJ about CEO Fraud, also known by the FBI as Business Email Compromise. I’m quoting an extract and I strongly recommend sending a link to the original WSJ article to your C-levels as it’s excellent ammo to get budget for new-school security awareness training. “In 2018, […]

[Heads-up] Will Proposed New Laws *Ban* Making Ransomware Payments?

The ransomware scourge has become much worse the last 12 months. Highly organized cybercrime gangs have iterated their attacks into a massive extortion racket. They are focusing on easy prey, and recently dozens of local governments, school systems and non-profits have been infected, apart from very visible large companies that suffered weeks of downtime. To […]

5 Tips to Prevent CEO Fraud

Every day, employees are regularly receiving spoofed emails. Even C-level executives are receiving fraudulent requests to transfer money or provide sensitive information. This form of social engineering is known as CEO fraud and it’s becoming more and more common. Ingenious Tricks The spike in the number of CEO fraud attempts indicates that cyber criminals are […]

Cyber-Insurance Premiums Jump as High as 25% and May Now Require Co-Insurance

With enough claims under the belts of insurance companies covering data ransoms, data theft, and other types of cyberattack, the risk appears to be shifting somewhat back to the policyholder. Let me make this clear: insurance companies are in business to stay in business. Sure, they’re willing to take on a certain amount of risk […]

New Phishing Attack Emerges Targeting ADP Users Wanting Their W2

For those looking to get their taxes done early, watch out for emails impersonating ADP offering a link to retrieve your W2 early! While everyone pretty much hates taxes, obtaining all your necessary paperwork is something most want to take care of well-ahead of tax time. A new phishing attack purports to be ADP – […]

[Heads-up] The Evil Ryuk Ransomware Strain Now Uses Wake-on-Lan To Encrypt Your *Offline* Devices

You must have heard of RYUK before. It’s one of the most nasty, evil ransomware strains attributed to the North Korean state sponsored cyber criminals. They are an APT—Advanced Persistent Threat— and go in silent, live undetected on your network for months, and then one very bad day they encrypt all devices on the network […]

Defending Against Ransomware is a Team Effort

Ransomware operators have grown very skilled in targeting exactly what will compel an organization to pay up, according to Andrew Brandt, principal researcher at Sophos. On the CyberWire’s Hacking Humans podcast, Brandt explained that organizations of all sizes are at risk from targeted ransomware attacks. Earlier ransomware attacks, like WannaCry in 2017, went after any […]

Leaving Windows 7 in Production Puts You at High Risk of Ransomware Attack

Microsoft end-of-support for Windows 7 means systems will remain unpatched, creating an opportunity for future ransomware attacks to wreak havoc. It’s time for a brief history lesson: Remember WannaCry? It was so successful because of unpatched systems. And this week marked the end of support for all Windows 7 devices. Estimated to represent as much […]

Auto Dealership Becomes Latest Victim of Ransomware Attack Costing Up to $500,000

The opening of a seemingly benign email from a coworker by an unsuspecting employee set in motion an attack that brought operations to a halt and resulted in some costly remediation. The Arrigo Automotive Group in West Palm Beach, FL became the latest victim of a ransomware attack that crippled most of the computers across […]