Keeping you informed. Keeping you aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.
Eastern European organized crime, not state-sponsored hackers, were behind the record breaking 2014 Yahoo data breach that exposed information about hundreds of millions of Yahoo user ...
When we talk with folks outside the security industry about what we see from the bad guys on a daily basis, we often get the response, "Wow! That's really sneaky." And it's true. The bad ...
Of course everyone knows that hacking into a computer is a federal crime, and infecting a system with ransomware already falls into that bucket. However, California’s SB-1137, signed into ...
Police have arrested a 147 million international fraud and money laundering ring, and jailed nine fraudsters jailed for over 27 years The gang targeted thousands of Lloyds and RBS ...
In Short: The Necurs botnet is one of the world's largest botnets with more than 6 million zombie machines tied into it. It's run by Russian organized cybercrime and responsible for ...
An employee sent this recent horror story to me (thanks Rachel). Remember there are three ways of learning. :-D Read it in a book, blog (or training session) understand it and apply it ...
By Eric Howes, KnowBe4 Principal Lab Researcher. Over the past few months we've discussed the rising use of price discrimination among purveyors of ransomware to maximize their returns on ...
You asked and we listened! We’ve enhanced our Phishing Campaign creation options to give you more flexibility and customization when phishing your users! You can now: Phish your users ...
It's all over the press. Here is a quote from Reuters: "Yahoo Inc said on Thursday information associated with at least 500 million user accounts was stolen from its network in 2014 by ...
Earlier this year we posted about Jsocket, a highly malicious Trojan that we spotted being delivered through phishing emails shared with us via the Phish Alert Button (PAB). Although ...
Phishing attacks using false Apple Store email messages, fake landing pages and sometimes fake login pages are still a very popular attack vector. They still make it through all the ...
By Eric Howes, KnowBe4 Principal Lab Researcher. Anyone who works a job in the computer security industry inevitably develops a kind of dark appreciation for the mad skills so often ...
Andra Zaharia (the picture is really her) from the Danish Heimdal Security wrote something interesting this morning that I thought you'd like to know:
KnowBe4's Templates Mistress Katie has been busy again adding a new batch of phishing templates to the collection of "System Templates" available to active subscribers.
Most scams on the internet are "short con" scams, compare them to hit & run. However, "long con" scams have started to show up that can take a few months to finally steal the money. ...
CNBC reported some pretty stunning breaking news. I cannot come up with a better case for new-school security awareness training for employees in accounting and HR. A lawsuit filed on ...
*|CyberHeistNews|* CyberheistNews Vol 6 #38 [ALERT] The FBI Warns That Ransomware Attacks Are Getting More Dangerous And Expensive In an alert published this week, the U.S. Federal Bureau ...
Intel Security's McAfee Labs Threat Report for September 2016 provides insight into the latest security statistics and trends, ranging from botnets to ransomware to malware "zoos." Large ...
SecurityAffairs just published a new discovery that you need to know about. A Brazilian Infosec research group, Morphus Labs, just discovered a new Full Disk Encryption (FDE) ransomware ...
In an alert published today, the U.S. Federal Bureau of Investigation (FBI) warned that recent ransomware variants have targeted and compromised vulnerable business servers (rather than ...
Here’s an example of a highly targeted ransomware attack, with bad guys using a phony Bank of Montreal (BMO) template to social engineer possible victims into clicking on a malicious ...
Intel Security today released its McAfee Labs Threats Report: September 2016, which assesses the growing ransomware threat; surveys the “who and how” of data loss; explains the practical ...
We are seeing a big phishing wave with a social engineering attack that threatens with a personalized lawsuit using the domain name of the targeted victim. This is an interesting payload ...
Kaspersky has a fascinating blog post on a new strain of ransomware called RAA that is not only fairly sophisticated, but incredibly abusive:
Hard drive manufacturer Seagate was sued by its own employees as the result of a successful CEO fraud attack where all the personal information of 10,000 existing and former employees ...
Larry Abrams at Bleepingcomputer reported on a new strain that raises some eyebrows. "A new version of the Stampado ransomware called Philadelphia has started being sold for $400 USD by a ...
We spotted an unusual phishing email which revealed a new scam your users will soon find in their inbox. Time to inoculate them before it becomes a problem! Many online service providers ...
For the last 9 years I have been a board member of the public/private Clearwater Downtown Partnership. And as many public organizations, all the board member information is freely ...
The following question was posted in the SANS Securing The Human forum. I thought it was a very good point and asked our VP Product Greg Kras for his perspective. First the question:
A customer sent us this: Hi, I wanted to share with you a funny story…. My boss calls me into her office, very serious like. She sits me down and asks “Did you use the company credit card ...
Hi All, KnowBe4 is looking for a few good people. Specifically we are hiring a QA Engineer and a Senior Ruby Developer. Know anyone? Send them to our Jobs page on the website. KnowBe4 is ...
By Eric Howes, KnowBe4 Principal Lab Researcher. Yesterday we spotted an unusual phishing email that we'd like to share with readers. If nothing else, it tells us that the increased ...
The Tampa Bay Business Journal published an interview with FBI Special Agent Lawrence Wolfenden. Wolfenden is a 25-year veteran of the FBI, the lead agency for investigating cyber attacks ...
Microsoft recently came across a threat that uses social engineering but delivers a different payload than the usual Office document with macros. Its primary purpose is to change a user’s ...
Larry Abrams at Bleepingcomputer reported on a new strain with a few unusual features: "A new ransomware that pretends to be from a fake organization called the Central Security Treatment ...
The Smoking Gun reported: "SEPTEMBER 2--The FBI’s Hillary Clinton investigation turned up evidence that her e-mail accounts were targeted in multiple “spear phishing” attacks, one of ...
Want someone's credentials? Just social engineer them. Phishing is still responsible for 91% of data breaches and has been for the last few years. A Russian cyber mafia has created a ...
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! You ...
Earlier in August, one of the world's largest cable manufacturers Leoni AG publicly confessed that it had fallen victim to a classic CEO Fraud attack that has cost the company a whopping ...
