Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

A Master Class on Cybersecurity: Roger Grimes Teaches Password Best Practices

Sep 28, 2022 3:51:33 PM By Stu Sjouwerman
What really makes a “strong” password? And why are you and your end-users continually tortured by them? How do hackers crack your passwords with ease? And what can/should you do to ...
Continue Reading

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Sep 28, 2022 9:48:23 AM By Stu Sjouwerman
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Continue Reading

American Airlines Traces Breach to Phishing Incident

Sep 28, 2022 9:05:46 AM By Stu Sjouwerman
American Airlines has disclosed that an attacker used phishing attacks to breach the company’s systems, BleepingComputer reports.
Continue Reading

Top 5 Deepfake Defenses

Sep 28, 2022 8:54:46 AM By Jelle Wieringa
Imagine you're on a conference call with your colleagues. Discussing the latest Sales numbers. Information that your competitors would love to get a hold of.
Continue Reading

CyberheistNews Vol 12 #39 [HEADS UP] Bank of America Warns About Recent Scams That Request Zelle Payment Due to 'Suspicious Activity'

Sep 27, 2022 9:30:00 AM By Stu Sjouwerman
Continue Reading

87% of Organizations Rank Cyberattacks as the Number One Threat to Their Business

Sep 27, 2022 9:00:49 AM By Stu Sjouwerman
New data sheds a shocking light on just how inexperienced organizations are today in addressing cybersecurity needs – and the impact attacks are having on their business.
Continue Reading

FBI: Cyber Criminals Will Continue Targeting Healthcare Payment Processors Through Phishing Campaigns and Social Engineering

Sep 27, 2022 9:00:42 AM By Stu Sjouwerman
Despite the pandemic being largely considered over, a recent Private Industry Notification focused on the Healthcare industry indicates that organizations should remain vigilant.
Continue Reading

Fake Emails Purporting to be from UK Energy Regulator

Sep 27, 2022 9:00:35 AM By Stu Sjouwerman
A phishing campaign is impersonating UK energy regulator Ofgem, according to Action Fraud, the UK’s cybercrime reporting centre.
Continue Reading

Try the New Compliance Audit Readiness Assessment Today for the HIPAA Security Rule

Sep 27, 2022 8:44:03 AM By Stu Sjouwerman
When it's time to complete a compliance audit of your cybersecurity readiness plan, are you thinking, "Ugh, is it that time again?"
Continue Reading

Recent Optus Data Breach Teaches the Importance of Recognizing Social Engineering

Sep 26, 2022 10:00:46 AM By Stu Sjouwerman
Optus, one of Australia's largest telecommunications companies, recently suffered a data breach that affected over 9.8 million customers.
Continue Reading

Sentence in a Catphishing Case

Sep 26, 2022 9:59:32 AM By Stu Sjouwerman
A convict serving twenty-five years in South Carolina for voluntary manslaughter and attempted armed robbery, Darnell Kahn, has now also been convicted in a US court on Federal sextortion ...
Continue Reading

You Need Aggressive Cyber Training, Not "So, So" Training

Sep 26, 2022 8:00:00 AM By Stu Sjouwerman
According to nearly every study conducted over the last decade, social engineering is involved in the vast majority of cyber attacks. The figures range from about 30% to 90% of all ...
Continue Reading

Retail is in Trouble: 77% Of Retail Organizations Have Been Hit by Ransomware

Sep 23, 2022 1:58:17 PM By Stu Sjouwerman
With Retail seeing and feeling the impact of more ransomware attacks than nearly every other industry, a new report focuses in on what the repercussions look like for this sector… and ...
Continue Reading

“Browser-in-the-Browser” Phishing Technique Spotted in New Steam Account Attack

Sep 23, 2022 1:58:10 PM By Stu Sjouwerman
Luring victims using a realistic- and legitimate-looking fake browser window to steal Steam accounts, this new type of social engineering may be a sign of things to come.
Continue Reading

Phishing Campaign Targets GitHub Users

Sep 23, 2022 9:15:50 AM By Stu Sjouwerman
GitHub has issued an alert warning of a phishing campaign targeting users by impersonating the popular DevOps tool CircleCI, BleepingComputer reports. The phishing emails inform users ...
Continue Reading

[New Feature] Managing Your Risk and Compliance Tasks Just Got Easier with KCM’s Jira Integration

Sep 23, 2022 8:00:00 AM By Stu Sjouwerman
We’re thrilled to announce that Atlassian Jira integration support is now available with KnowBe4’s KCM GRC platform.
Continue Reading

Security Practices Are Improving, But Cybercriminals Are Keeping Up

Sep 21, 2022 2:48:10 PM By Stu Sjouwerman
A survey by the Spanish GetApp software rating site has found that the number of organizations using phishing simulations has risen from 30% in 2019 to 70% in 2022. Despite this positive ...
Continue Reading

Phishing Attacks Reach an All-Time High, Quadrupling That of Early 2020

Sep 21, 2022 10:20:31 AM By Stu Sjouwerman
New quarterly data from the Anti-Phishing Working Group shows unprecedented phishing activity with increases in BEC, use of social media, vishing, and smishing.
Continue Reading

Do Not Use Easily Phishable MFA and That Is Most MFA!

Sep 21, 2022 9:25:43 AM By Roger Grimes
Everyone should use multifactor authentication (MFA), where they can, to protect valuable information. Everyone!
Continue Reading

CyberheistNews Vol 12 #38 [HEADS UP] New Uber Security Breach 'Looks Bad', Caused by Social Engineering

Sep 20, 2022 9:30:00 AM By Stu Sjouwerman
Continue Reading
Subscribe

Search Our Blog


Cybersecurity Awareness Month 2022 Free Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews