KnowBe4

Security Awareness Training Blog


Keeping You Informed. Keeping You Aware.

[Live Webinar] The Science and Methodology Behind Social Engineering

No matter how much security technology we purchase, we still face a fundamental security problem: people.

Poll: What Security Measures Are Most Effective In Fighting Ransomware?

The Spiceworks staff wrote: "Years after CryptoLocker raised its ugly head — setting off an unfortunate security trend — ransomware continues to be a rather painful thorn in the side of IT professionals and organizations around the world. 

In 2017, we saw entire companies and government agencies shut down for days thanks to WannaCry and NotPetya, sometimes costing a single organization hundreds of millions of dollars. And things haven't gotten that much better recently.

For example, in March 2018, the city of Atlanta fell victim to ransomware that brought city services down (airport Wi-Fi, online bill pay systems, police warrant systems, job application forms, and more) and forced many employees to shut down their systems for five days. Similar attacks have been launched against cities in the U.S. and around the world.

CyberheistNews Vol 8 #16 [Heads-Up] Phishing Scam of the Week

Many of us will be at the RSA Conference in SanFran this week. Here are some quick tips!

Lance Spitzner said:

  1. Eat breakfast, it may be the last meal you get that day.
  2. Schedule the most important meetings in the morning.
  3. RSA gives you a back-pack. Don't use it at the con, there will be 35,000+ back-packs just like yours.
  4. Comfortable shoes

Here are a few more:

  1. Bring your own reusable water bottle and stay hydrated
  2. Comfortable clothes with those shoes!
  3. Extra pair of socks in your ruck
  4. Power down your phone and bring a burner instead with a cheap SIM card from the airport.

Britain braces for Russian cyber warfare targeting transport links, water supplies, hospitals and airports

The UK Mirror reported that Britain is braced for a wave of crippling cyber attacks in Russian retaliation for the Syrian missile strikes. Here is an excerpt:

"Vital transport links, water supplies, gas networks, banks, hospitals and air traffic control could be targeted following the joint assault on Bashar al-Assad’s chemical weapons compounds on Friday night.

Experts believe hackers in Moscow are already trying to break into key computer networks that could bring the UK’s infrastructure to a halt.

Positive Technologies Social Engineering Report: 17 Percent Fall Foul To “Attacks”

Employees download malicious files, click phishing links, correspond with hackers, and even share contact information for their colleagues.

Positive Technologies has released a new report Social Engineering: How the Human Factor Puts Your Company at Risk, with statistics on the success rates of social engineering attacks, based on the 10 largest and most illustrative pentesting projects performed for clients in 2016 and 2017.

To verify the security of corporate systems, Positive Technologies testers imitated the actions of hackers by sending emails to employees with links to websites, password entry forms, and attachments. In total, 3,332 messages were sent. If the “attacks” had been real, 17 percent of these messages would have led to a compromise of the employee’s workstation and, ultimately, the entire corporate infrastructure.

27 percent of recipients clicked the link

[NEW WHITEPAPER] 10 Best Practices for Protecting Against Phishing, Ransomware and Email Fraud

Organizations have been victimized by a wide range of threats and exploits, most notably phishing attacks that have penetrated corporate defenses, targeted email attacks launched from compromised accounts, and sensitive or confidential information accidentally leaked through email.

A survey conducted among corporate decision makers in early 2018 discovered that nearly 28% of organizations had experienced a phishing attack that was successful in infecting their networks. Don’t let this happen to your organization.

Ransomware, Phishing, and Pretexting in the Annual Verizon Databreach Report

Did you know, 43% of breaches result from social engineering attacks? What's more, according to a recent Verizon investigation, phishing emails account for 98% of all social engineering related incidents and breaches.

Ransomware and phishing attacks have garnered a great deal of recent attention in the cybersecurity community. As the Verizon Databreach Report has long warned, ransomware is the most common type of malware carried by phishing attacks. It's used in 56% of such incidents.

Ransomware is very effective for criminals. It exposes them to relatively little risk. But even as ransomware surges in criminal use and popularity, there are signs that businesses and local governments aren't investing in appropriate security against it.

State Department warns staff of surge in spear phishing attempts

Eric Geller at Politico reported: "The State Department on Thursday warned employees about a tidal wave of malicious messages attempting to trick staffers into opening a door for hackers.

“Personnel are advised to be alert for suspicious activity related to ongoing cyber operations targeting the Department,” the agency’s Cyber and Technology Security Directorate said in an email sent early Thursday morning to all workers.

Last month, more than 2,000 employees received emails, texts and social media messages designed to fool them into either downloading malware or handing over their login information, according to the email, which multiple sources provided to POLITICO.

How The World's Most Famous Hacker Tracks Down Lost Luggage...

The adventures of Kevin Mitnick and his girlfriend Kimberly.

Kevin called me and told me a story about how they were crazy enough to track down a lost (stolen?) bag in Mexico City. His GF Kimberly wrote up the story. Enjoy!

"Travelling constantly around the world is always an adventure especially with four carry-on bags and five checked bags filled to the brim with electronics for Kevin’s live hacking keynote presentations. Landing in Guadalajara, Mexico earlier than expected was a pleasant surprise. The next couple of hours however, were an experience similar to a thriller movie.
