Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Phishing Golden Hour

In emergency healthcare settings, the “golden hour” is the time between when a patient suffering a life threatening event (e.g., heart attack, stroke, aneurysm, etc.) is most likely to ...
Continue Reading

My lazy Sunday afternoon was interrupted...

My lazy Sunday afternoon was interrupted with what appeared to be a prank, a social engineering attempt, or something else that remains to be identified. 
Continue Reading

Paying the Ransom After a Ransomware Attack May Become More Complicated, Thanks to the U.S. Treasury

With many organizations considering to pay the ransom should they experience an attack, new guidance from the U.S. Treasury may put a damper on an organization’s ability to pay.
Continue Reading

[Heads Up] Apparently Slack Phishing Got So Bad They Had To Do Something About It

Slack has announced a slew of new security features, certificates and integrations, including a verification system that adds an additional layer to protect against phishing scams.
Continue Reading

Cybercriminals Target Execs in Microsoft 365 Credential Attack to Launch Internal BEC Scams

A new phishing attack spotted in the wild by security researchers at Trend Micro demonstrates how compromised data in an initial cyberattack is purposed in subsequent attacks.
Continue Reading

Many US States Requiring Training on COVID-19 Before Return to Work

Many states across the US are now mandating that organizations provide training to your employees before they can return to work. Definitely check your local state guidelines but KnowBe4 ...
Continue Reading

Legitimate Accounts for Illegitimate Business Email Compromise

Cybercriminals frequently use email accounts from legitimate services like Gmail to carry out business email compromise (BEC) attacks, Help Net Security reports. Researchers at Barracuda ...
Continue Reading

KnowBe4 Celebrates 10 Years by Planting 10,000 Trees Worldwide

We're celebrating 10 years as a company today!  To celebrate this milestone, we'll be planting 10,000 trees around the world to celebrate our 10th anniversary and the addition of its ...
Continue Reading

[NEW] See How You Can Get Audits Done in Half the Time at Half the Cost

You told us you have challenging compliance requirements, not enough time to get audits done, and keeping up with risk assessments and third-party vendor risk is a continuous problem.
Continue Reading

SBA Phishing: Malicious Actors "Return to Roots" in the Hunt for Money

By Eric Howes, KnowBe4 Principal Lab Researcher. The COVID-19 pandemic continues to dominate news headlines as well as the development of malicious email attacks designed to separate ...
Continue Reading

Cyberattacks Involving Both Data Exfiltration and Ransomware to Ensure Ransom Payment Increase 152%

Ransomware authors are realizing the benefit of either stealing data or just implying they have and threatening to publish the data publicly in order to increase their chances of being ...
Continue Reading

Dark Patterns and the Craft of Online Persuasion

People should learn how to spot the tactics companies (and, more importantly, criminals) use to persuade customers (or marks), especially when those tactics are used deceitfully, ...
Continue Reading

Nearly Half of Dutch Listed Companies Do Not Provide Information on Cybersecurity in Annual Report

Many publicly traded companies in the Dutch AEX, AMX and AScX indices fail to be transparent on cybersecurity efforts in their annual reports. While the Netherlands is a highly digitized ...
Continue Reading

The U.N. counterterrorism chief says a 350% increase in phishing websites was reported in Q1 2020

UNITED NATIONS -- A 350% increase in phishing websites was reported in the first quarter of the year, many targeting hospitals and health care systems and hindering their work responding ...
Continue Reading

Ransomware Payments Increase by a Massive 60% as Email Phishing Rises in Frequency as Primary Attack Vector

The newest ransomware data paints a pretty bleak picture for organizations with “big game” attacks and six- and seven-figure ransom demands becoming the norm.
Continue Reading

Leaked U.S.-UK Trade Documents Show How Devastating Compromised Email Can Be

An ongoing criminal investigation highlights how classified documents stolen by Russian hackers from former U.K. trade minister Liam Fox may have been used to impact the British 2019 ...
Continue Reading

Five Reasons Why Ransomware Attacks Should Be Your Biggest Worry and Aren’t Going Anywhere

No other cyberattack has evolved like ransomware. Today’s attacks are more pervasive, invasive, impactful, damaging, and costly. Learn why and what to do about it.
Continue Reading

The Importance of Identifying and Focusing on the Malicious Behavior

Identifying malicious behavior is a more effective long-term strategy than trying to block individual malicious actors, according to Johnathan Hunt, Vice President of Security at GitLab. ...
Continue Reading

New Compliance Management Features Now Available in the KCM GRC Platform

We're excited to announce new updates and features to our KCM GRC platform to make managing your compliance projects even easier! KCM GRC helps you get your audits done in half the time, ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews