Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

The Indispensable World of Red Teaming

In this mad, mad world of breaches, organizations are scrambling to keep their heads above water. It's like trying to navigate a minefield while blindfolded and riding a unicycle — one ...
Continue Reading

Vacation-Themed Scams Are Spiking

Scammers are now impersonating legitimate services like Booking.com and Kayak to target people planning their summer vacations. One out of every 33 vacation-themed domains registered last ...
Continue Reading

Happy 1st Birthday to Our KnowBe4 Community!

Happy 1st birthday to our KnowBe4 Community! We’re so excited to celebrate our community's first anniversary. It’s been filled with so many wholesome moments and learning opportunities.
Continue Reading

Brazilian Entities Increasingly Targeted by Nation-State Phishing Attacks

Mandiant has published a report looking at cyber threats targeting Brazil, finding that more than 85% of government-backed phishing activity comes from threat actors based in China, North ...
Continue Reading

The Overlooked Truth: User Experience in Cybersecurity

We live in a world where the term "cybersecurity" tends to make folks either shiver with anxiety or yawn with boredom. The narrative has always been about hacking, phishing, and all sorts ...
Continue Reading

Phishing Campaign Abuses Windows Search to Distribute Malware

Researchers at Trustwave warn that a phishing campaign is distributing malware via HTML attachments disguised as invoices. Notably, the HTML files abuse the Windows Search protocol to ...
Continue Reading

No Politician Too Small: School Board Candidates Targeted By Phishing and BEC Scams

Cybercriminals are broadening their targets to include even local political candidates, as an escalating series of phishing attacks was recently directed at school board candidates in ...
Continue Reading

Microsoft and KnowBe4 Collaborate on Ribbon Phish Alert Button for Outlook

Increasing phishing attacks are a constant threat to organizations, making it crucial for users to report suspicious emails.
Continue Reading

Unmasking the Threat: Why Phishing Scams are Surging in Japan

Japan has a large number of Forbes Global 2000 corporations--more than the UK, Germany, and France combined. Despite this economic strength, Japan faces an alarming and growing threat ...
Continue Reading

Phishing Campaign Targets Job Seekers With WARMCOOKIE Backdoor

A phishing campaign is impersonating recruiting firms to target job seekers with a new strain of malware, according to researchers at Elastic Security.
Continue Reading

The Global Reach of Cyber Threats: Why Security Awareness Training is More Important Than Ever

Based on news cycles within cybersecurity, it's easy to fall into the trap of thinking that threats only come from certain parts of the world or that they only target specific industries. ...
Continue Reading

Cybercriminals Use New V3B Phishing Kit to Mimic 54 Different Banks in the European Union

A new phishing-as-a-service toolkit that leverages credential interception and anti-detection capabilities has put EU banks at severe risk of fraud.
Continue Reading

Phishing With Deepfakes for HK$200 Million

My hacker story occurred not too long ago at the Hong Kong office of an undisclosed multinational corporation. The hackers pulled off a first-of-its-kind scam that leveraged a phishing ...
Continue Reading

New Research Shows An Alarming Trend of Phishing Attacks Doubling For US and European Organizations

Cybercriminals never sleep, and their aim keeps getting better. According to new research from Abnormal Security, phishing attacks targeting organizations in Europe shot up by a ...
Continue Reading

Beware: Major AI Chatbots Now Intentionally Spreading Election Disinformation

Just when you thought the disinformation landscape couldn't get any worse, a new report from Democracy Reporting International in Europe reveals that popular AI chatbots have started ...
Continue Reading

Sinister "More_eggs" Malware Cracks Into Companies by Targeting Hiring Managers

Job seekers, beware - cybercriminals have a nasty new way to slide their malicious code on corporate networks. Researchers have uncovered a devious phishing campaign that's distributing ...
Continue Reading

DarkGate Malware Being Spread Via Excel Docs Attached To Phishing Emails

A phishing campaign is spreading the DarkGate malware using new techniques to evade security filters, according to researchers at Cisco Talos.
Continue Reading

New HR-Themed Credential Harvesting Phishing Attack Uses Legitimate Signature Platform Yousign

A new phishing campaign is exploiting the eSignature platform Yousign.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews