Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

How a North Korean Fake IT Worker Tried to Infiltrate Us

Incident Report Summary: Insider Threat TLDR: KnowBe4 needed a software engineer for our internal IT AI team. We posted the job, received resumes, conducted interviews, performed ...
Continue Reading

Phishing Attacks Will Likely Follow Last Week’s Global IT Outage

Organizations should expect to see phishing attacks exploiting the global IT outage that occurred last Friday, the Business Post reports.
Continue Reading

[Security Masterminds Podcast] Securing Software Over 50 Years: Reflections from an Industry Veteran

Does the challenge of keeping up with cybersecurity trends sound familiar? You may have been told to update your antivirus software and hope for the best, only to find that your digital ...
Continue Reading

CrowdStrike Phishing Attacks Appear in Record Time

I have been the CEO of an anti-virus software developer. We had a special acronym for catastrophic events like this, a so-called "CEE". As in Company Extinction Event. But first: Our ...
Continue Reading

78% of Organizations Are Targets of Ransomware Attacks Two or More Times in Twelve Months

New data puts the spotlight on the frequency and impact of modern ransomware attacks, highlighting the overconfidence organizations are showing in their ability to defend and respond to ...
Continue Reading

CISA’s Red Team Exercise Shows Value of Phishing, but Misses the Best Recommendation

Phishing is used to completely compromise the victim’s environment after other repeated methods failed.
Continue Reading

Cyber Threats Targeting the 2024 Paris Olympics

Our friends at the CyberWire reported: "ZeroFox and Fortinet have both published reports on threats facing the 2024 Olympics in Paris. ZeroFox says the primary cybersecurity threat will ...
Continue Reading

Change Healthcare Ransomware Attack May Cost Nearly $2.5 Billion

The ransomware attack against UnitedHealth Group’s Change Healthcare platform is expected to cost the company up to $2.45 billion, more than a billion dollars more than was previously ...
Continue Reading

Chile Leads Latin America With New Cybersecurity Governance

Chile took a major step toward a more resilient cyber landscape for its citizens and the Latin American region on Tuesday, March 26, 2024, when Chile’s president of the Republic, Gabriel ...
Continue Reading

7 in 10 Organizations Experienced a Business Email Compromise Attack in the Last 12 Months

Despite ransomware getting the lion’s share of the tech pub headlines, business email compromise (BEC) attacks are alive and well… and having a material impact.
Continue Reading

New Ransomware Threat Group Calls Attack Victims to Ensure Payments

Analysis of new ransomware group Volcano Demon provides a detailed look into how and why calling victims ups the chances of ransomware payment.
Continue Reading

Malvertising Campaign Impersonates Microsoft Teams

Researchers at Malwarebytes warn that a malvertising campaign is targeting Mac users with phony Microsoft Teams ads. The ads are meant to trick users into installing Atomic Stealer, a ...
Continue Reading

[NEW FREE TOOL]: Reveal Your Network's Hidden Weaknesses with KnowBe4's BreachSim Data Exfiltration Simulator

As cyber threats evolve, the target has become crystal clear: your data. A staggering 90% of ransomware attacks now include a data exfiltration component. With this in mind, KnowBe4 has ...
Continue Reading

SEC Fines Publicly Traded Company $2.125 Million For Negligence Before, During, and After a Ransomware Attack

According to the filing, the organization in question failed to devise controls to adequately detect, respond to, and disclose an attack that included data exfiltration and service ...
Continue Reading

Espionage-Intent Threat Groups Are Now Using Ransomware as a Diversion Tactic in Cyberattacks

A new report focused on cyber espionage actors targeting government and critical infrastructure sectors highlights the strategic use of ransomware for distraction or misattribution.
Continue Reading

IRS Warns of Phishing Attacks Targeting Car Dealerships

The US Internal Revenue Service (IRS) has issued an advisory warning of phishing campaigns targeting car dealerships. The IRS says car dealers should be on the lookout for targeted ...
Continue Reading

From Reactive to Proactive: Cyber Insurance is Driving Optimal Security Investments for Organizations

New data shows that only 3 percent of organizations are solely relying on their current cyber defenses when adding on cyber insurance, indicating that organizations are beginning to ...
Continue Reading

Phishing Continues to Be the Primary Entry to Ransomware Attacks

Phishing remains a top initial access vector for ransomware actors, according to researchers at Cisco Talos. The threat actors often use phishing to steal legitimate credentials so they ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews