Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

[INFOGRAPHIC] Q1 2021 Report Shows Users are More Savvy to COVID-19 Phishing Scams

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...
Continue Reading

[New Benchmarking Feature] Compare Your Organization’s Security Awareness Proficiency with Other Companies in Your Industry

We are excited to announce that the KnowBe4 Industry Benchmarking feature has been expanded to now include industry benchmark comparison data for Security Awareness Proficiency Assessment ...
Continue Reading

2021 Phishing Trends Face Alarming Predictions and Will Likely Include Automated Attacks

Researchers at INKY warn that targeted phishing attacks will continue throughout 2021, as some employees return to the office and others continue working from home. They predict that ...
Continue Reading

3 Ways To Protect Your Identity Online

Within security awareness training programs, cybersecurity experts promote various tactics and best practices to implement within personal and work environments to protect your identities ...
Continue Reading

[HEADS UP] DocuSign Issues Alert of Malicious New Hacking Tool

Earlier this week, DocuSign issued an alert that notified users of a new hacking tool. This tool is imitating DocuSign so then the bad guys can drop malware into victims' systems.
Continue Reading

H Layer Credentialing Announces Security Awareness and Culture Professional (SACP)® Certification

This is a very exciting development for the Cyber Security industry as a whole and particularly those of us that believe that Security Awareness Training is a critical step in a complete ...
Continue Reading

Australian Organizations Increase Cyber Security Spend to Nearly A$5B in 2021

The rise in cyberattacks in Australia is seeing its natural result – organisations realizing the need to put more budget focused on cybersecurity, with the largest portion going towards ...
Continue Reading

The Digital Workplace is a Cybersecurity Disaster!

New data reviewing how the 2020 shift to a remote workforce impacted organizational security shows all too well that since the pandemic onset, cybersecurity has become critically worse.
Continue Reading

APT Group Use Voice-Changing Software to Impersonate Women as Part of Espionage Attacks

The middle eastern threat group known as APT-C-23 are targeting male soldiers in the Israel Defense Forces in an attempt to get their victims to download and install malware.
Continue Reading

New Phishing Attacks Bypass Secure Email Gateways Using Some Very Creative Methods

Microsoft Security Intelligence warns of phishing attacks being sent from legitimate email addresses and IP ranges, taking advantage of gateway configuration settings to ensure delivery.
Continue Reading

LinkedIn Data of 500 Million Users Hacked, Up For Sale: Report

Microsoft-owned social network LinkedIn is reportedly the latest victim of a massive data breach where data of 500 million user profiles has been allegedly leaked by cybercriminals. The ...
Continue Reading

Phishing Attacks Using PDF Files Have Skyrocketed

Phishing attacks using PDF files have spiked over the past year, according to researchers at Palo Alto Networks’ Unit 42.
Continue Reading

The Clop #Ransomware gang is now pressuring  customers of victims threatening that their personal, confidential data will be exposed unless a ransom is paid

Brian Krebs just reported: "Some of the top ransomware gangs are deploying a new pressure tactic to push more victim organizations into paying an extortion demand: Emailing the victim’s ...
Continue Reading

The Growing WeTransfer Phishing Campaign Can Put Your Users at Risk

Researchers at Avanan have observed a phishing campaign that’s impersonating the WeTransfer file-sharing app in an attempt to steal users’ credentials. The email’s subject line states, ...
Continue Reading

[HEADS UP] New Phishing Attack With .TXT Attachment Can Steal All Your Secrets

The 360 security blog just came up with an eye opener. Recently, 360 Security Center’s threat monitoring platform has detected a new email phishing attack. This attack uses a ...
Continue Reading

[Security Culture Report 2021] A Global Security Culture Perspective During a Pandemic

The 2021 KnowBe4 Security Culture Report is the largest study of its kind, measuring organizations' security cultures and surveying more than 320,000 employees across 1,872 ...
Continue Reading

Key Findings From the 2021 SANS Security Awareness Report

Like most security professionals, there are a few industry reports that I really look forward to reading each year. Pretty high on that list is the SANS Security Awareness report. SANS ...
Continue Reading

UK Users Should Be Aware of Census-Themed Phishing Attacks

Users in the UK should be on the lookout for census-themed phishing attacks, according to Paul Ducklin at Naked Security. Participating in the census is mandatory in the UK, and people ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews