Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Researchers Discover Most Microsoft 365 Admins Don't Enable Multi-Factor Authentication

Researchers from CoreView recently discovered that 97% of all total Microsoft 365 users do not utilize multi-factor authentication (MFA). A staggering 78% of Microsoft 365 admins do not ...
Continue Reading

"Berserk Bear", The Russian Hackers Playing ‘Chekhov’s Gun’ With US Infrastructure

In an advisory warning published last week by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the government notified the public of a ...
Continue Reading

Could A Botched Ransomware Attack Have Caused The Massive Mauritius Oil Spill?

I found a super interesting and at the same time scary article at Forbes by Nishan Degnarain about the cyber vulnerabilities of these massive oil tankers and container ships. It's ...
Continue Reading

[NEW BOOK] Hacking Multi-Factor Authentication

I’m excited to announce the release of my 12th book, Hacking Multifactor Authentication.
Continue Reading

[HEADS UP] Remote Workers Disregard Security Awareness Training

According to new research from Mimecast, remote workers are increasingly putting their organizations at risk by failing to follow security awareness training best practices.
Continue Reading

Couple Avoids Becoming a Victim to Publishers Clearing House Scam

An elderly couple in Tennessee avoided falling victim to a scam by recognizing the signs of social engineering, WREG reports. Kay and Bill Pritchett received six different phone calls ...
Continue Reading

[HEADS UP] Cybercriminals Threaten Patients in Clinic Data Breach

In a recent report by BBC News, patients in a large clinic in Finland have been blackmailed using social engineering after their data was stolen.
Continue Reading

[HEADS UP] Fraudsters are Exploiting High Demand Air Freight

Scammers are exploiting the high demand for air freight brought on by the COVID-19 pandemic, the Loadstar reports. Charter veteran Steve Manser told the publication that fraudsters are ...
Continue Reading

All Con, All the Way Down: Bad Guys Spoof Phishing Link Hover Texts

At the heart of almost every phishing email is a spoof. In malicious emails spoofing is the art of deceptively imitating something or someone trusted by users in order to gain their ...
Continue Reading

[INFOGRAPHIC] 20 Ways to Build Your Security Fortress From Anywhere

If you and your users are working remotely  in the office, it’s essential to be aware of new cybersecurity threats. Here at KnowBe4, we’re committed to help your users make smarter ...
Continue Reading

Members of the Cybercrime Group Responsible for NotPetya Indicted by U.S. Government

Six members of the Russian hacker group known as Sandworm who have carried out some of the most well-known cyberattacks in the last 6 years appear to have been brought to justice.
Continue Reading

REvil Ransomware Gang Flexes Its Hiring Muscle With a $1 Million Deposit on a Hacking Hiring Website

Nothing says ransomware is a profitable business more than throwing down a million dollars in an attempt to attract and hire the most talented hackers on the planet.
Continue Reading

[HEADS UP] Cybercriminal Sells Info on 186 Million U.S. Voters

In a recent report by NBC News, cybersecurity company TrustWave found a bad guy selling voter registration data on 186 million Americans.
Continue Reading

The Ultimate Cyber Security Tip

It’s Cyber Security Awareness Month, and the security advice is flowing out from all corners of the web to advise your users on remaining secure. However, all this information can be ...
Continue Reading

[HEADS UP] Australia Warns Citizens of JobKeeper Phishing Email

The Australian Taxation Office has advised Australians to delete a particular email and to not provide any personal information.
Continue Reading

Cybersecurity Awareness Month Weekly Tip: Social Media Safety

Each week during Cybersecurity Awareness Month, we’re going to be sharing in-depth weekly cybersecurity tips from our informative evangelists to help your users make smarter security ...
Continue Reading

Middle Management is the Next Target for Phishing Attacks

Mid-level managers need to be particularly wary of targeted phishing attacks, according to Jenn Gast at INKY. Gast explains that criminals can easily conduct open-source research on a ...
Continue Reading

Lessons Learned: An IT Pro’s Experience Building his Last Line of Defense

This is the true story of an IT Manager who was tired of his users clicking everything and wanted to teach them a lesson… in a good way.
Continue Reading

Threatening Election Emails Land in Florida Inboxes

If you checked the news this morning, you probably noticed a story getting plenty of play on mainstream news sites: threatening election-themed emails sent to recipients in three states, ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews