Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Chief Executive Officer & President

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.


Recent Posts

New Training Module: Safe Travels for Road Warriors

I'm excited to announce a new module that has been quite some time in the making! A 12-minute animated course with lots of interactivity for those that travel for business—and some very ...
Continue Reading

Employee Negligence – Your Organization's (bigger than you think) Nightmare

A new study shows a vast majority of C-level executives see employee negligence as one of their most pressing security risks.
Continue Reading

CyberheistNews Vol 8 #29

Continue Reading

New Policy Feature Added to the KnowBe4 Platform

KnowBe4 is excited to announce the introduction of the new Policy feature. The Policy feature gives you as an Admin the ability to store, distribute, and track various policy ...
Continue Reading

Scam of the Day: Sextortion, Old Passwords, and You

The “Sextortion” phishing scam makes use of compromised password data, recipient gullibility, and visits to porn websites to separate victims from their money. The scam message comes from ...
Continue Reading

Scam Of The Week: *Another* New CEO Fraud Phishing Wrinkle

So, here's a new CEO Fraud phish: see these fresh screen shots from emails reported to us through the free KnowBe4 Phish Alert Button. Bad guys spoof the managing partner and CPA and an ...
Continue Reading

Effective Social Engineering Matters More than Zero-Days

There's an interesting criminal campaign in progress against government targets in Ukraine. Note that we usually first see them there, and then they spread out to Western Europe and the ...
Continue Reading

Samsam Ransomware infected thousands of LabCorp systems via brute force RDP

LabCorp contained the attack within 50 minutes, says they're at about 90-percent operational capacity
Continue Reading

Russian Reminders: Phishing is Fruitful

The recent indictment by special counsel Robert Mueller of 12 Russian military officials for the hacking of Democratic servers and emails in 2016 is a powerful reminder – phishing works.
Continue Reading

$250,000 CEO Fraud In A Municipal Finance Department

Local, state, and Federal authorities are investigating a phishing attack that victimized the city of Alamogordo, New Mexico. One of the city's procurement officers received what appeared ...
Continue Reading

Can We Ever Truly Stop Ransomware?

A recent Class-Action lawsuit against EHR vendor Allscripts raises the question of where fault should lie when ransomware attacks are successful.
Continue Reading

FBI Warns that Business Email Compromise (CEO Fraud) is a "$12 Billion Scam"

The FBI is again warning of the threat posed by business email compromise (BEC, aka CEO Fraud) and email account compromise (EAC). Together, says the Bureau, these have cost businesses ...
Continue Reading

SANS: "Less Than Half of Cyberattacks Detected via Antivirus"

We have been saying here for a while that antivirus is dead, but SANS just confirmed it in a new report that starts with: "Companies are buying next-gen antivirus and fileless attack ...
Continue Reading

UK SMEs: Know Your Enemy. Plan Your Defense

Organizations in the UK with 250 employees or less need a solid understanding of the attack potential, methods used, and how to prepare.
Continue Reading

CyberheistNews Vol 8 #28

Continue Reading

Ransomware Mid-Year Update: It’s Worse Than Ever

We’re finally getting a look at how much ransomware attacks have been seen in the wild in the first half of 2018 – and the numbers are astounding.
Continue Reading

Another Hacking Scandal? Russians could be behind 'cyber caliphate'

The US Senate is asking the Justice Department to look into the possibility that an Islamic extremist hacking group was actually the work of the Russian government.
Continue Reading

Russian Indictment: They Used Criminal Tradecraft like Spearphishing To Hack The Democratic Party

The email arrived in Hillary Clinton’s campaign chairman John Podesta’s inbox around March 19, 2016, during the height of the presidential primaries, spoofed to look like a standard ...
Continue Reading

What Would You Like To Ask Kevin Mitnick About Social Engineering?

Here's your chance. Late August we'll do a live webinar with Kevin, and he asked me to find out what questions you have for him regarding social engineering, so we can cover them in this ...
Continue Reading

Bad guys use Google's Golang to cross-compile multi-platform malware

Here is the bad news: The use of Google's Golang (also called Go) programming language allows attackers to cross-compile malware for use on multiple platforms, making potential attacks on ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews