Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

KnowBe4 Named a Leader in the Fall 2024 G2 Grid Report for Security Awareness Training

We are thrilled to announce that KnowBe4 has been named a leader in the latest G2 Grid Report that compares security awareness training (SAT) vendors based on user reviews, customer ...
Continue Reading

What Spending 3 Hours in IKEA Taught Me About Cybersecurity Awareness

It was a Saturday morning, and I had grand plans. By "grand plans," I mean sitting on the sofa, watching reruns of "The IT Crowd," and pretending I didn't hear the lawn mower calling my ...
Continue Reading

44% of U.S. Organizations Experienced One or More Ransomware Attacks in the Last Year

As ransomware becomes more pervasive, new data provides insight into how well organizations are responding and the attack vector being used most.
Continue Reading

Meet SmartRisk Agent™: Unlock Your New Human Risk Management

Depending on who you ask, between 70 and 90 percent of cyber risk has human error as the root cause. That's why Human Risk Management (HRM) is so important. And here is the next major ...
Continue Reading

"Operation Kaerb" Takes Down Sophisticated Phishing-as-a-Service Platform “iServer”

A partnering of European and Latin American law enforcement agencies took down the group behind the mobile phone credential theft of 483,000 victims.
Continue Reading

Sextortion Scammers Attempt to Hit “Close to Home”

We live in a world where, despite the sharing of information online, we feel like those interactions will never reach home. But a new scam – covered on WTSP Tampa Bay’s Channel 10 news – ...
Continue Reading

Trinity Ransomware Targets the Healthcare Sector

The Trinity ransomware gang is launching double-extortion attacks against organizations in the healthcare sector, according to an advisory from the US Department of Health and Human ...
Continue Reading

Google App Scripts Become the Latest Way to Establish Credibility and Automate Phishing Attacks

Cybercriminals have found a new way of leveraging legitimate web services for malicious purposes, this time with the benefit of added automation of campaign actions.
Continue Reading

Hurricane Deepfakes Flood Social Media

As the recent hurricane Helene caused major damage and as hurricane Milton has left a path of destruction across Florida, deepfakes are spreading misinformation on social media.
Continue Reading

Attackers Abuse URL Rewriting to Evade Security Filters

Attackers continue to exploit URL rewriting to hide their phishing links from email security filters, according to researchers at Abnormal Security.
Continue Reading

[Cybersecurity Awareness Month] Keeping Your Mobile Devices Secure from the ‘Inside’ Out

As remote work and connecting while traveling has become the norm, mobile device security responsibilities have also increased.
Continue Reading

Free Phishing Platform Has Created More than 140,000 Spoofed Websites

A free phishing-as-a-service (PhaaS) platform named Sniper Dz has assisted in the creation of more than 140,000 phishing sites over the past year, according to researchers at Palo Alto ...
Continue Reading

What Bletchley Park Can Teach Us About Building a Strong Security Culture

During World War II, a group of brilliant minds led by Alan Turing gathered at Bletchley Park in England to crack the German Enigma code. This wasn't just a technological challenge, it ...
Continue Reading

North Korea's Secret IT Army and How to Combat It

Organizations around the world are unknowingly recruiting and hiring fake employees and contractors from North Korea. These sophisticated operatives aim to earn high salaries while ...
Continue Reading

Financial Services Industry Experiences a Massive Increase in Brand Abuse

Industry analysis of the domains used behind phishing and brand impersonation attacks show financial institutions are being leveraged at an alarming rate.
Continue Reading

Infostealer Threat Group “Marko Polo” Evolving Into an “Empire”

New research by Recorded Future provides insight into how advanced and sophisticated the threat group Marko Polo has become since launching in 2022.
Continue Reading

Cybercriminal Gang Targeting SMBs Using Business Email Compromise

Researchers at Todyl have published a report on a major cybercriminal group that’s conducting business email compromise (BEC) attacks against small and medium-sized businesses. Todyl ...
Continue Reading

Don’t Put Real Answers Into Your Password Reset Questions

This recent article on how a hacker used genealogy websites to help better guess victims' password reset answers made it a great time to share a suggestion: Don’t answer password reset ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews