Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Checkups and Checklists: Cyber Risk Isn’t Just a Technical Problem

There are many things in our lives we must prepare for to be ready. For other things, we wing it, or we're not prepared to deal with it at the moment.
Continue Reading

What Is AI?

What is AI really? Throughout this article, I will remove the hype and get to the most honest answer ever.
Continue Reading

How to Recognize Fraudulent North Korean Job Applicants

Researchers at Socure warn of an ongoing wave of employment fraud driven by North Korean IT operatives attempting to secure positions at foreign companies.
Continue Reading

How a Fake Cybersecurity Firm Became a Real Threat

Picture this: it's 2021. You're an IT professional, scrolling through LinkedIn, when a message pings. "Bastion Secure," a new cybersecurity company, is hiring. The pay? Excellent.
Continue Reading

Human Risk Management: Cybersecurity as a Business Enabler

Reducing human risk in cybersecurity requires a human-first approach that relies on effective training and practice for people to gain security knowledge, practice secure behavior, and ...
Continue Reading

OpenAI Report Describes AI-Assisted Social Engineering Attacks

OpenAI has published a report looking at AI-enabled malicious activity, noting that threat actors are increasingly using AI tools to assist in social engineering attacks and influence ...
Continue Reading

KnowBe4 Wins Big with 2025 TrustRadius Top Rated Awards

We’re proud to share that KnowBe4 has once again been recognized as a leader in cybersecurity, receiving multiple 2025 TrustRadius Top Rated Awards across our product suite.
Continue Reading

Spear-Phishing Campaign Targets Financial Executives

Researchers at Trellix warn of a spear-phishing campaign that’s targeting CFOs around the world with phony employment offers.
Continue Reading

Warning: Crooks Are Using Vishing Attacks to Compromise Salesforce Instances

A criminal threat actor tracked as “UNC6040” is using voice phishing (vishing) attacks to compromise organizations’ Salesforce instances, according to researchers at Google’s Threat ...
Continue Reading

What Are The Key Components Of A Successful Human Risk Management Program?

When it comes to cybersecurity, organizations face an ever-present and often underestimated threat: human risk.
Continue Reading

Fake MFA Reset Warning Message

A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish).
Continue Reading

FBI Alert: Extortion Gang Targets Law Firms With Social Engineering Attacks

The FBI is warning that the Silent Ransom Group (SRG) is targeting law firms with IT-themed social engineering attacks and callback phishing emails.
Continue Reading

Copyright-Themed Phishing Lures Target Europe

A phishing campaign is targeting European countries with lures themed around copyright infringement, researchers at Cybereason warn.
Continue Reading

The Worsening Landscape of Educational Cybersecurity

Last year, KnowBe4's report "Exponential Growth in Cyber Attacks Against Higher Education Institutions" illustrated the growing cyber threats facing universities and colleges.
Continue Reading

New Unrestricted AI Tool Can Assist in Cybercrime

Researchers at Certo warn that a new AI chatbot called “Venice[.]ai” can allow cybercriminals to easily generate phishing messages or malware code.
Continue Reading

Your KnowBe4 Compliance Plus Fresh Content Updates from May 2025

Check out the May updates in Compliance Plus so you can stay on top of featured compliance training content.
Continue Reading

Beyond Credentials: When Every Data Point Becomes a Weapon

You know what's interesting about data breaches? Everyone focuses on credit card numbers and financial data, but the reality is that every piece of information has value to someone.
Continue Reading

French Users Targeted by Major Phishing Campaign

Researchers at IBM Security warn that a major phishing campaign is targeting users in France, incorporating leaked personal data to make the emails more convincing.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews