Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Planning with Purpose: 10 Tips to Develop Your Year-Long Security and Compliance Training Program

Our team at KnowBe4 recently got together to talk about planning for annual security and compliance training.
Continue Reading

Cybercriminals Sent 1.76 Billion Social Media Phishing Emails in 2023

As social media phishing reaches new heights, new data reviewing 2023 shows a massive effort by cybercriminals to leverage impersonation of social media brands.
Continue Reading

Email-Based Cyber Attacks Increase 222% as Phishing Dominates as the Top Vector

Analysis of the second half of 2023 shows attackers are getting more aggressive with email-based phishing attacks in both frequency and execution.
Continue Reading

New Research: Ransomware Incidents Spike 84% in 2023

Newly-released data covering cyberthreats experienced in 2023 sheds some light on how very different last year was and paints a picture of what to expect of cyber attacks in 2024.
Continue Reading

Phishing Campaign Targets Mexican Taxpayers With Tax-Themed Lures

A phishing campaign is targeting users in Mexico with tax-themed lures, according to researchers at Cisco Talos. The phishing emails direct users to a website that attempts to trick them ...
Continue Reading

Game-Changer: Biometric-Stealing Malware

I have been working in cybersecurity for a long time, since 1987, over 35 years. And, surprisingly to many readers/observers, I often say I have not seen anything new in the ...
Continue Reading

When Threat Actors Don’t Have a Viable Email Platform to Phish From, They Just Steal Yours

New analysis of a phishing campaign shows how cybercriminals use brand impersonation of the platforms they need to compromise accounts and takeover legitimate services.
Continue Reading

Credential Theft Is Mostly Due To Phishing

According to IBM X-Force’s latest Threat Intelligence Index, 30% of all cyber incidents in 2023 involved abuse of valid credentials. X-Force’s report stated that abuse of valid ...
Continue Reading

[SCARY] You knew about OSINT, but did you know about ADINT?

WIRED just published a scary (long) article. I am summarizing it here and highly recommend you read the whole thing.
Continue Reading

Emails Are Responsible for 88% of Malicious File Deliveries

Emails are still the most common delivery method for malicious files, according to Check Point’s Cyber Security Report for 2024.
Continue Reading

Annual Ransomware Payments Surpass $1 Billion

For the first time, analysis of ransomware payments made in a single year tops $1,000,000,000. This signals a massive return to more frequent, sophisticated, and successful attacks.
Continue Reading

Swiss Government Identified 10,000 Phishing Websites Impersonating 260 Brands

Attacks targeting Swiss residents increased 10% last year, according to newly-released data that shows a growth in not just phishing attacks, but brand impersonation at purely a national ...
Continue Reading

Your KnowBe4 Compliance Plus Fresh Content Updates from February 2024

Check out the February updates in Compliance Plus so you can stay on top of featured compliance training content.
Continue Reading

Face off: New Banking Trojan steals biometrics to access victims’ bank accounts

Venturebeat had the scoop on a fresh Group-IB report. They discovered the first banking trojan that steals people’s faces. Unsuspecting users are tricked into giving up personal IDs and ...
Continue Reading

Nearly One in Three Cyber Attacks In 2023 Involved The Abuse of Valid Accounts

Thirty percent of all cyber incidents in 2023 involved abuse of valid credentials, according to IBM X-Force’s latest Threat Intelligence Index. This represents a seventy-one percent ...
Continue Reading

Data Breach at French Healthcare Payment Processor Puts 20 Million Policyholders at Risk

A single account being phished caused millions of French healthcare policyholder records to be breached.
Continue Reading

Your KnowBe4 Fresh Content Updates from February 2024

Check out the 29 new pieces of training content added in February, alongside the always fresh content update highlights, events and new features.
Continue Reading

Exposed: Global Espionage Unleashed by China's Police in Groundbreaking Leak

[DEVELOPING STORY] I get my news from a very wide variety of sources. One is the venerable SpyTalk news that lives in Substack. They just reported something pretty astounding. Here are ...
Continue Reading

QR-Code Attacks Target the C-Suite 42 Times More than Standard Employees

QR-code attacks leveraging QR-codes are kicking into high gear and becoming a common method used in phishing attacks, according to new data from Abnormal Security.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews