Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

KnowBe4's Top-Clicked Phishing Email Results for Q4 2021 Compare the U.S. and EMEA [INFOGRAPHIC]

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze the top categories, general subjects (in both the United States and Europe, Middle East and ...
Continue Reading

A Cyberespionage Group Uses Social Engineering

A sophisticated China-aligned threat actor is using social engineering to carry out cyberespionage and financially motivated attacks, according to researchers at Trend Micro.
Continue Reading

North Korean Cryptocurrency Theft Relies on Social Engineering

A North Korean threat actor being called “BlueNoroff,” a subunit of Pyongyang’s Lazarus Group, has been targeting cryptocurrency startups with financially motivated attacks, researchers ...
Continue Reading

KnowBe4 Named a 2021 Gartner Peer Insights™ Customers’ Choice for Security Awareness Computer-Based Training

KnowBe4 is excited to announce that we have been recognized as an overall Customers’ Choice in the December 2021 Gartner Peer Insights ‘Voice of the Customer’: Security Awareness ...
Continue Reading

Nuclear Ransomware 3.0: We Thought It Was Bad and Then It Got Even Worse

We thought it was bad enough when traditional ransomware started to steal data in its second generation of evolution, now dubbed "double extortion". The third stage of ransomware is ...
Continue Reading

Fifty FIFA eSports Accounts Were Hacked Via Social Engineering

Video game maker Electronic Arts (EA) has stated that around fifty high-profile accounts for the soccer game FIFA 22 were hacked after attackers manipulated the company’s customer service ...
Continue Reading

FBI: Beware of a New Google Voice Authentication Scam – Even if You Don’t Use Google Voice!

A new advisory warns of a scam that can affect literally anyone designed as a precursor to additional vishing scams and/or to perform Gmail account takeovers.
Continue Reading

Payment Fraud Moves to the Real World with Fake QR Codes on Parking Meters

Scammers are using the professional-looking stickers to point those parking to an alternate pay site to collect credit card details in the perfect situation where victims would be none ...
Continue Reading

U.S. Government Warns of More Cyberattacks Targeting Critical Infrastructure

A new joint cybersecurity advisory from CISA, the FBI, and the NSA cautions organizations against Russian-based attacks and provides mitigations to be implemented.
Continue Reading

It’s a Fact: Cyberattacks Continue Because Your Users Forget

The weakest part of your cybersecurity can be identified by looking at how cyberattacks take place, and how well your defenses stand up. But did you know the answer comes from the year ...
Continue Reading

“Information Disorder”: Giving a Name to One of the Most Impactful Parts of Phishing Scams

At the core of every phishing scam is a combination of a bunch of lies and (sometimes) a few truths. A new focus on better defining the misuse of information provides insight into why ...
Continue Reading

Over 200 Ransomware Strains Detected in Last Part of 2021

With the news focused on just a few key ransomware strains, it’s understandable to think you’ll never be a target. But newly-released data shows who’s doing the attacking and who’s being ...
Continue Reading

KnowBe4 Named a Leader in the Winter 2022 G2 Grid Report for Security Awareness Training

The latest G2 Grid Report compares Security Awareness Training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence.
Continue Reading

Business Email Compromise Attack Leads to Millions in Non-Profit Loss

A business email compromise attack at Illinois’s Office of the Special Deputy Receiver led to a loss of $6.85 million, Ray Long at the Chicago Tribune reports. Long describes the Office ...
Continue Reading

Ransomware Attacks Could Result in Higher Cybersecurity Stocks

Ransomware attacks have been dominant for hackers. And according to Investor's recent article, this means good news for cybersecurity stocks.
Continue Reading

Your KnowBe4 Fresh Content Updates from December 2021

Check out the 38 new pieces of training content added in December, alongside the always fresh content update highlights and new features.
Continue Reading

Hive Ransomware-as-a-Service Races to the Top as Affiliates Breach 350 Organizations in Just 4 Months

A mere blip on the ransomware radar a quarter ago, the massive onslaught of attacks using Hive Ransomware demonstrates how dangerous the “as-a-Service” model really is.
Continue Reading

Over 1200 Man-in-the-Middle Phishing Toolkits Designed to Intercept 2FA Found in the Wild

An academic partnership between Stony Brook University and Palo Alto Networks uncovered a massive use of tools that will steal authentication cookies mid-stream instead of credentials.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews