Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Employees Don’t Take USB Security Seriously, Putting Organizations at Risk

USB devices continue to be a necessity for employees, an entry point for attackers, and an insecure medium to connect the two, spelling trouble for organizations.
Continue Reading

U.S. Department of Homeland Security Issues List of Office 365 Security Vulnerabilities and Best Practices

The latest Analysis Report covers both areas of concern around Office 365 configurations that impact security, and offers up some simple recommendations to shore up vulnerabilities.
Continue Reading

Tell us about your biggest security threats for a chance to win a $100 Amazon Gift Card!

  Once a year, KnowBe4 runs its  Security Threats and Trends Survey. We’re polling IT and Security executives, administrators and professionals like yourself on what technology and ...
Continue Reading

Q1 2019 Top-Clicked Phishing Email Subjects from KnowBe4 [INFOGRAPHIC]

Every quarter, KnowBe4 reports on the top-clicked phishing emails by subject lines in three categories: Social, General, and 'In the Wild'. The latter category results come from ...
Continue Reading

Financial Firms Spend $2,300 Per Employee Attempting to Address Cyber Security Concerns

A new joint study by Deloitte and the Financial Services Information Sharing and Analysis Center highlights the budget impacts establishing and maintaining cybersecurity.
Continue Reading

Volunteer Cyber Crime Fighters Band Together in New York

Kim Nash reported in the WSJ Pro CyberSecurity newsletter—which I warmly recommend, it is an excellent daily news update—that "more than 100 applicants seek to volunteer their ...
Continue Reading

KnowBe4 Acquires CLTRe; Shines Spotlight on Security Culture Measurement

I'm happy to announce our acquisition of CLTRe, which we feel demonstrates the importance of managing the human risk. We’re excited to welcome Kai and the CLTRe team to the KnowBe4 family ...
Continue Reading

[LIVE WEBINAR] Empowering Your Human Firewall: The Art & Science of Secure Behavior

You know that "security awareness" is key to a comprehensive security strategy. But just because someone is aware doesn't mean they care. So how can you design programs that work with, ...
Continue Reading

“Hack for Hire” Groups Offer Single Account Break-In Services For Just $750

  Along with everything else malicious that’s available “as-a-Service”, the latest addition takes the burden of trying to initially hack an organization off of the plate of would-be ...
Continue Reading

Global GozNym Takedown Shows The Anatomy Of A Modern Cybercrime Supply Chain

By Javvad Malik, our new Security Awareness Advocate for EMEA. A multi-national collaborative law enforcement effort has arrested individuals allegedly behind Nymaim and Gozi, also known ...
Continue Reading

[PODCAST] Hacking Humans Live At KB4CON 2019

Last week, we had the pleasure of hosting the first ever live episode of the Hacking Humans podcast at KB4-CON in Orlando, where Kevin Mitnick and I teamed up with Dave Bittner and Joe ...
Continue Reading

Account Takeover Attacks Increase as Cybercriminals Fine-Tune Their Brand Impersonation, Social Engineering, and Phishing Skills

The latest Spear Phishing Report from Barracuda highlights how cybercriminals are systematically improving their game… and are becoming more successful for it. The capturing of user ...
Continue Reading

6 Signs You’ve Successfully Created a Security Culture

Security culture is much more than just IT policies and processes; it requires buy-in and participation from every user. Learn 6 ways to tell if you’re on the right path to building a ...
Continue Reading

What's Wrong With The New Bill That Proposes Cyber Security Training for U.S. House Members?

A bill introduced last week requires all members, officers and employees of the U.S. House of Representatives to undergo cybersecurity training.
Continue Reading

InfraGard Recommends User Education

Education is crucial in defending against evolving social engineering attacks, according to Jack Plaxe, president of the Kentucky InfraGard Alliance. During a presentation last week, ...
Continue Reading

Phishing Attacks Top Verizon’s List of Threat Actions Used in Data Breaches

Verizon’s latest Data Breach Investigations Report provides valuable insight into exactly how attacks are carried out, what tactics are working, and how users are helping.
Continue Reading

[Heads-Up] If This Is True It's A Disaster. Three Major US Antivirus Companies Breached? ***UPDATED

ARSTECHNICA is getting me worried here. We were all at KB4-CON in Orlando the last few days, and during the conference word got to me that security researchers found out that high-profile ...
Continue Reading

[Spoiler!] That Free Avengers: Endgame Download You Found Online? It’s a Scam!

The lure of watching the latest Avengers movie is enough motivation for some to fall for this scam aimed at collecting your credit card data.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews