Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

New Phishing Campaign Uses Blackmail to Lure Victims

Bitdefender has observed a phishing campaign that tries to blackmail users into sending money by claiming their computer has been hacked. The emails contain real passwords that have been ...
Continue Reading

Visit KnowBe4 at Black Hat USA 2021 - Virtual & In Person Event

Are you attending  Black Hat USA 2021  (either in person or virtually) ? Be sure to stop by the   KnowBe4 booth   August 4th - 5th  to find out how to secure your last line of defense: ...
Continue Reading

Two of the Most Common and Successful Ransomware Attack Methods are Exposed

Researchers at Coveware recently analyzed ransomware attacks during Q2 of this year and noticed a similar trend in ransomware attack methods by cybercriminals.
Continue Reading

Ransomware Attacks This Year Are Already Higher Than 2020

According to the 2021 Cyber Threat Report by SonicWall, 304.7 million ransomware attacks occured in the first half of 2021, already surpassing the total number of ransomware attacks for ...
Continue Reading

Happy 22nd Annual SysAdmin Day from KnowBe4!

It’s the 22nd annual SysAdmin Day, a day when we celebrate all of the incredible System Administrators! While your job may not be easy (and sometimes not glamorous), your work on the ...
Continue Reading

Scammers Use Milanote App to Host Phishing Content and Avoid Detection by Secure Email Gateways

The “Evernote for creatives” collaborative platform is being used to legitimately host malicious links that point victims to phishing links, bypassing detection mechanisms.
Continue Reading

The World’s Most Impersonated Brand in Phishing Attacks Is… (and it’s NOT Microsoft!)

Despite so much news surrounding phishing attacks pretending to be from Microsoft’s Office 365 platform, a new report from Vade Secure provides a global perspective to impersonation.
Continue Reading

Over 700 Ransomware Victim Organizations are Named on Data Leak Sites in Q2

This massive increase in the number of victim organizations being named demonstrates the harsh reality of how far ransomware threat actors will actually go if ransoms aren’t paid.
Continue Reading

Image Inversion as a Phishing Technique

Researchers at WMC Global have found that a phishing kit is using images with inverted colors to avoid detection.
Continue Reading

Cybercriminals Are Growing More Organized

The cybercriminal underground is becoming increasingly organized, according to researchers at HP. The criminal underground functions like a regular economy, with people selling goods and ...
Continue Reading

Warning: A New Ransomware Cartel Has Formed Sharing Techniques, Code, and Infrastructure

In a new twist, security researchers at Analyst1 have identified four Russian ransomware gangs that actively work together to coordinate attacks, data leaks, and more.
Continue Reading

U.K. Employees Pose a Major Cybersecurity Risk to Business as They Return to the Office

After well over a year of getting used to working from home, as U.K. employees look to head back into the office, new data shows they don’t see themselves as a cyber risk (which makes ...
Continue Reading

77% of Organizations Are Unable to Access Systems or Networks Post-Ransomware Attack

The fallout after a ransomware attack is more devastating than previously thought. New data spells out what you should really expect after being hit with ransomware.
Continue Reading

Phishing Attacks Surged in Q2 2021

Phishing activity increased dramatically in the second quarter of 2021, according to a recent report by Vade. The company observed 4.2 billion phishing emails in June alone.
Continue Reading

Milanote Exploited to Host Phishing Content

Researchers at Avanan warn that attackers are exploiting the collaboration and note-taking app Milanote to host phishing links.
Continue Reading

Mission Possible: Turning Compliance Into Tangible Security

The average compliance document is dozens to hundreds of pages long and includes numerous controls. And you’re expected to meet all those controls to regulatory satisfaction. The problem ...
Continue Reading

Remote Employees Adopt Bad Cybersecurity Habits While Working from Home

A new report focused on businesses looking to bring employees back to the office makes it very clear that security leaders are concerned, as remote workers have been anything but secure.
Continue Reading

U.S. State Department Issues a Reward for Information on Foreign Cybercriminals Targeting Critical Infrastructure

In the wake of cyberattacks targeting U.S. infrastructure organizations, the U.S. government is stepping up measures to identify foreign threat actors and bring them to justice.
Continue Reading

Updated Ransomware Simulator Now With 23 Latest Infection Scenarios

As ransomware techniques continue to evolve, two new ransomware strains, DearCry and Black Kingdom, were blamed for the huge Microsoft Exchange server attacks earlier this year, which ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews