Stu Sjouwerman

Chief Executive Officer & President

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

Books

Cyberheist E-Book

Find all of Stu's books on Amazon

HP Enterprise Reveals It was hacked by the same Russians that broke into Microsoft

Jan 25, 2024 11:24:46 AM By Stu Sjouwerman

In a new SEC disclosure, Hewlett Packard Enterprise (HPE) announced on Wednesday that it fell prey to the same Russian intelligence group, known as Midnight Blizzard or Cozy Bear, that ...

New Evasive Phishing Technique “Legacy URL Reputation Evasion" (LURE)

Jan 25, 2024 8:59:50 AM By Stu Sjouwerman

Researchers at Menlo Security observed a 198% increase in browser-based phishing attacks over the past six months.

Social Engineering Attacks Rising in the Trucking Industry

Jan 25, 2024 8:59:28 AM By Stu Sjouwerman

Spear phishing and voice phishing (vishing) are on the rise in the trucking industry, according to a new report from the National Motor Freight Traffic Association (NMFTA).

New Deepfake Video Scam has “Taylor Swift” Offering Free French Cookware

Jan 25, 2024 8:59:23 AM By Stu Sjouwerman

A new wave of ads utilizing video of well-known celebrities seemingly promoting video games, fake giveaways, and more are starting to popup, and fans are falling for this trap.

Use of Generative AI Apps Jumps 400% in 2023, Signaling the Potential for More AI-Themed Attacks

Jan 24, 2024 8:20:31 AM By Stu Sjouwerman

As the use of Cloud SaaS platforms of generative AI solutions increases, the likelihood of more “GPT” attacks used to gather credentials, payment info and corporate data also increases.

North Korean Threat Actor Targeting Cybersecurity Researchers With Spear Phishing Attacks

Jan 24, 2024 8:20:21 AM By Stu Sjouwerman

A suspected North Korean state-sponsored threat actor called “ScarCruft” is launching spear phishing attacks against cybersecurity professionals, according to researchers at SentinelOne.

Myth of Massive Data Breach Busted: Big Headlines Mask a Minor Threat

Jan 23, 2024 4:21:14 PM By Stu Sjouwerman

Ok, I'll admit it, I was swept up in the moment last week and wrote a short blog post that more or less summarized the tsunami of news about that huge data breach initially reported by ...

CyberheistNews Vol 14 #04 'Swatting' Becomes the Latest Extortion Tactic in Ransomware Attacks

Jan 23, 2024 9:48:02 AM By Stu Sjouwerman

Facebook Phishing Scams Target Concerned Friends and Family

Jan 22, 2024 2:06:13 PM By Stu Sjouwerman

BleepingComputer describes a phishing scam that’s been running rampant on Facebook for the past several months, in which threat actors use hacked accounts to post links to phony articles ...

Russian State-Sponsored Threat Actor Targets High Profile Individuals in Phishing Campaign

Jan 22, 2024 2:00:15 PM By Stu Sjouwerman

The Russian state-sponsored threat actor “COLDRIVER” is launching phishing campaigns against “high profile individuals in NGOs, former intelligence and military officers, and NATO ...

Russian Hackers Win Big: Microsoft's Senior Exec Team Emails Breached

Jan 20, 2024 9:45:06 AM By Stu Sjouwerman

In a Friday regulatory filing, Microsoft has reported that its corporate email accounts were compromised by a Russian state-sponsored hacking group known as Midnight Blizzard, also ...

Facebook Work-From-Home “Job” Posting Scam Goes the Extra Mile to Trick Victims

Jan 19, 2024 12:50:46 PM By Stu Sjouwerman

A new job posting scam found by IT security company Qualysys is focused on capturing victim’s identity details, accessing victim’s Facebook accounts, and committing fraud. In this new ...

More Than Half of Data Breaches in the U.K.’s Legal Sector are Due to Insider Error

Jan 18, 2024 2:32:22 PM By Stu Sjouwerman

A new analysis of data breaches in the United Kingdom's legal sector shows that organizations need to be looking inward more and look for ways to elevate the security awareness of ...

Scammers Target Owners of Missing Pets

Jan 18, 2024 9:33:32 AM By Stu Sjouwerman

Some particularly cold-hearted scammers are targeting users of lost pet forums with phony ransom demands, the BBC reports.

‘Swatting’ Becomes the Latest Extortion Tactic in Ransomware Attacks

Jan 18, 2024 8:38:31 AM By Stu Sjouwerman

Rather than stick to traditional ransomware extortion methods that revolve around the attack itself, a new form of extortion known as Swatting puts the focus on the victim organization’s ...

Ninety-Four Percent of Organizations Sustained Phishing Attacks Last Year

Jan 18, 2024 8:18:57 AM By Stu Sjouwerman

A survey by Egress has found that 94% of organizations were hit by phishing attacks in 2023, Infosecurity Magazine reports. Additionally, 91% of firms experienced data loss and ...

Malicious APKs Drain Bank Accounts

Jan 16, 2024 2:00:08 PM By Stu Sjouwerman

A phishing campaign is targeting Chinese users in an attempt to distribute malicious apps, according to researchers at Palo Alto Networks’s Unit 42.

Cryptocurrency Drainer Distributed Through Phishing

Jan 16, 2024 1:59:42 PM By Stu Sjouwerman

Mandiant has published a report on “CLINKSINK,” a cryptocurrency Drainer-as-a-Service (DaaS) that’s targeting users of the Solana currency.

LinkedIn is Being Used for Dating – It’s a Recipe for Disaster

Jan 16, 2024 10:20:50 AM By Stu Sjouwerman

A new article explains how business professionals are beginning to be not-so-professional and seeking to make personal connections. It’s only a matter of time before cybercriminals jump ...

CyberheistNews Vol 14 #03 Red Flags for Phishing: Verizon Outlines Latest Scams to Watch Out For

Jan 16, 2024 9:00:00 AM By Stu Sjouwerman

Security Awareness Training Blog

View Topics