Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

"Elaborate" Identity Takeover Fraud Hits Australian Businesses

A new procurement scam has netted at least $1.5 million from Australian companies in New South Wales over the past few weeks, according to 10 daily. The scammers are posing as ...
Continue Reading

[NEW FEATURE] KnowBe4 User Event API Helps You Tailor Security Awareness Training Based on Custom User Risk Events

You already know the importance of frequent year-round simulated phishing attacks and security awareness training for your users to help you build a more resilient and secure ...
Continue Reading

CyberheistNews Vol 9 #26 [Heads-up] The U.S. Launched A Cyber Attack On Iran, And We're Expecting Spear Phishing Strike Backs

CyberheistNews Vol 9 #26 [Heads-up] The U.S. Launched A Cyber Attack On Iran, And We're Expecting Spear Phishing Strike Backs The tension in the Middle-East apparently prompted a ...
Continue Reading

Is Compliance Security’s Worst Enemy?

KnowBe4’s Data-Driven Defense Evangelist, Roger Grimes, explains why compliance and security are not aligned, and why compliance actually hurts security.
Continue Reading

Phishing Attacks Go Mobile as Cybercriminals Leverage Push Notifications

Taking advantage of the inherent trust in mobile content, the bad guys are using a mixture of phishing text messages and look-alike sites to trick users into giving up credentials.
Continue Reading

[Heads-up] The U.S. Launched A Cyber Attack On Iran, And We're Expecting Spear Phishing Strike Backs

The tension in the Middle-East apparently prompted a game-changing move by the U.S. President.  Washington Post sources say exactly 10 years after Stuxnet, the President approved a ...
Continue Reading

UK Forensic Crime Labs Shut Down Due To Ransomware Attack

Every police force across England and Wales has been forced to prioritize evidence for forensic testing following a criminal cyber attack affecting one of the primary forensic service ...
Continue Reading

FBI Alert: Last Week Conflict With Iran Can Cause Spear Phishing Retaliation

This blog post has been superseded by a more recent one.  You can find this new post here.
Continue Reading

Phishing Campaign Impersonates Email Alerts From DHS

An ongoing email-based phishing scam is attempting to fool recipients into opening malicious attachments disguised as notifications from the U.S. Department of Homeland Security (DHS), ...
Continue Reading

Why Do Organizations Still Under-report Cybercrime?

It’s estimated that organizations aren’t engaging with Law Enforcement when becoming a victim of a cybercrime in large numbers. We cover 5 reasons why organizations don’t.
Continue Reading

New Survey Uncovers Primary Challenges in Creating A Security Culture

New survey data from security vendor nCipher uncovers why organizations are finding it difficult to engage users to participate willingly in security-minded processes and behaviors.
Continue Reading

The Fake French Minister In A Silicone Mask Who Stole Millions

Identity theft is said to be the world's fastest-growing crime, but in sheer chutzpah there can be few cons to match the story of the fake French minister and his silicone mask.
Continue Reading

Maryland governor signs order to boost cybersecurity after Baltimore ransomware attack

The Hill reported: "Maryland Gov. Larry Hogan (R) on Tuesday signed an executive order aimed at strengthening the state’s cybersecurity capabilities, a month after a debilitating ...
Continue Reading

Bogus Emails: 3.4 Billion Are Sent Every Day...

Research from Valimail shows that at least 3.4 billion phony emails are sent every day, Help Net Security reports. Despite this staggering number, most organizations still aren’t ...
Continue Reading

How Hackers Emptied Church Coffers with a Phishing Attack and Social Engineering Phone Call

Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.
Continue Reading

Massive Cyberheist Bankrupts Medical Debt Collector

AMCA, a medical billing collections agency that was hacked last year in an incident believed to impact millions of medical patients is now seeking a federal bankruptcy court’s protection ...
Continue Reading

Hit by Ransomware Attack, Florida City Agrees to Pay Hackers $600,000

It was all over the press, and even made it in the New York Times: "The leaders of Riviera Beach, Fla., looking weary, met quietly this week for an extraordinary vote to pay nearly ...
Continue Reading

[NEW FEATURES] Branded Certificates and End User Surveys

We are excited to announce the release of two new features in the KnowBe4 platform. Branded Certificates and End User Training Surveys!
Continue Reading

Subdomain Scam Hits Australian Government Seeking Money to “Register” Bogus Domain Names

Employees of agencies within the Australian government have been receiving targeted emails offering to register what amounts to a subdomain of a legitimate look-alike domain.
Continue Reading

U.S. May Face Cyberwar with Russia After Purported U.S. Attacks on Russian Power Grid

The hacking of Russia’s power grid by the U.S. has led to a formal warning from the Kremlin that could escalate into an all-out cyberwar with attacks on U.S. businesses, agencies, and ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews