KnowBe4

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.

Increase in Office 365 Attacks and Data Breaches Should Be Expected as We Approach the 2019 Tax Season

Experts warn of uptick in phishing attacks against businesses leveraging Office 365 as the tax season begins, tensions run high, and opportunities to trick off-guard users will be plenty.
Continue Reading

[THIS IS NOT A DRILL] KB4 Training Template Used As Phishing In The Wild

It's a known fact that once your market share is big enough, the bad guys are going after you. Used to be that viruses and malware were only developed for Windows, but when Apple got to ...
Continue Reading

It Only Takes 1 Phish: Wichita State University Employees Get Fooled Into Losing Their Paychecks

Three employees of the university fell prey to a common scam asking for their credentials, giving cybercriminals access to change banking details.
Continue Reading

Brand-New Tool: Password Exposure Test Identifies Risky Users

The bad guys are constantly coming out with new ways to hack into your network and steal your organization’s confidential information.
Continue Reading

Awareness Training is the Key to a Culture of Security

Here’s a follow-up to an earlier post of ours, with amplification of points well-worth making.
Continue Reading

Scam Of The Week: "When Users Add Their Names to a Wall of Shame"

Eric Howes, KnowBe4 Principal Lab Researcher, found out about another insidious bad guy trick: "If you work in IT there has undoubtedly come a dark moment when you wondered to yourself ...
Continue Reading

Your Boss NEEDS To Read This WSJ Article About Our Power Grid And How The Russians Hacked It With Phishing

In a Jan 10, 2019 article, the Wall Street Journal reconstructed the worst known hack into the USA's power grid revealing attacks on hundreds of small contractors.
Continue Reading

Email Security Gap Analysis: Survey Finds Phishing Is The No. 1 Attack That Worries IT Pros Most

There are a few companies that frequently report on so-called "email security gap analysis" numbers: Mimecast, Proofpoint and Cyren. They are all IT security companies that have email ...
Continue Reading

Finra punishes former Schwab broker for lying about role in $800,000 CEO Fraud scam

A former broker for Charles Schwab & Co.was fined $5,000 and suspended for 90 days by Finra for lying to Schwab about a CEO Fraud attack in which he wired nearly $800,000 to someone ...
Continue Reading

New Data Suggests that Negligent Employees May Be the Reason Data Breaches are So Successful

When it comes to root causes of data breaches, it’s not your firewall, your endpoint protection, your antivirus, nor your patching that’s failing you; it’s your employees.
Continue Reading

Banking Cyber Heists Celebrate Their 25th Birthday!

2019 marks the 25th anniversary of the very first cyber-heist, netting one of the first cybercriminals $10 million from Citibank. The tactics have changed, but the target hasn’t.
Continue Reading

Lowlife Scammers exploit Sick Children in Latest Ransomware Attack

The outrageous attack combination of ransomware, claims to donate to charity, and even details of children’s names, diagnoses, and pictures proves there is no low cybercriminals won’t go ...
Continue Reading

The Government may be shut down, but the bad guys are not

By Eric Howes, KnowBe4 Principal Lab Researcher.  Once again we are starting tax season, and malicious actors are spinning up phishing campaigns to exploit the myriad opportunities ...
Continue Reading

Ohio’s New Data Security Law Seeks to Minimize the Risk of Data Breach Impacting Insurers and Their Customers

Following in the footsteps of North Carolina, the new Ohio law looks to regulate the cybersecurity practices, reporting, and notifications of its insurance industry.
Continue Reading

It Only Takes 1 Phish: “Unremarkable” Phishing Attack Results in a Breach in the European Union’s Diplomatic Communications Network

A three-year-long cyber-attack led to the successful breach of the all communications between all EU member states, putting countries and their futures at risk.
Continue Reading

The Dark Overlord Ransoms 9/11 Files Showing How Law Firms Can be at Risk of Data Breach

The actions by the cybercriminal organization The Dark Overlord demonstrate how law firms need to take data security and cyber readiness seriously.
Continue Reading

[Heads-up] Double Trouble: Ransomware And File Thief Combined In Nasty Hybrid Malware

A new malware attack has been detected in the wild. This nasty combines two known pieces of malware: the Vidar data harvesting malware followed by GandCrab ransomware.
Continue Reading

International Legal Tech Association: "KnowBe4 Is The Biggest Winner In Awareness Content"

The International Legal Technology Association is the premier peer-driven association for technologists in the legal field. The ILTA's most prestigious publication each year is their ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews