Stu Sjouwerman

Chief Executive Officer & President

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

Books

Cyberheist E-Book

Find all of Stu's books on Amazon

Effective Social Engineering Matters More than Zero-Days

Jul 20, 2018 12:07:51 PM By Stu Sjouwerman

There's an interesting criminal campaign in progress against government targets in Ukraine. Note that we usually first see them there, and then they spread out to Western Europe and the ...

Samsam Ransomware infected thousands of LabCorp systems via brute force RDP

Jul 20, 2018 7:25:57 AM By Stu Sjouwerman

LabCorp contained the attack within 50 minutes, says they're at about 90-percent operational capacity

Russian Reminders: Phishing is Fruitful

Jul 19, 2018 5:16:40 PM By Stu Sjouwerman

The recent indictment by special counsel Robert Mueller of 12 Russian military officials for the hacking of Democratic servers and emails in 2016 is a powerful reminder – phishing works.

$250,000 CEO Fraud In A Municipal Finance Department

Jul 19, 2018 1:46:37 PM By Stu Sjouwerman

Local, state, and Federal authorities are investigating a phishing attack that victimized the city of Alamogordo, New Mexico. One of the city's procurement officers received what appeared ...

Can We Ever Truly Stop Ransomware?

Jul 18, 2018 3:57:02 PM By Stu Sjouwerman

A recent Class-Action lawsuit against EHR vendor Allscripts raises the question of where fault should lie when ransomware attacks are successful.

FBI Warns that Business Email Compromise (CEO Fraud) is a "$12 Billion Scam"

Jul 18, 2018 3:22:37 PM By Stu Sjouwerman

The FBI is again warning of the threat posed by business email compromise (BEC, aka CEO Fraud) and email account compromise (EAC). Together, says the Bureau, these have cost businesses ...

SANS: "Less Than Half of Cyberattacks Detected via Antivirus"

Jul 18, 2018 1:19:21 PM By Stu Sjouwerman

We have been saying here for a while that antivirus is dead, but SANS just confirmed it in a new report that starts with: "Companies are buying next-gen antivirus and fileless attack ...

UK SMEs: Know Your Enemy. Plan Your Defense

Jul 17, 2018 1:13:33 PM By Stu Sjouwerman

Organizations in the UK with 250 employees or less need a solid understanding of the attack potential, methods used, and how to prepare.

CyberheistNews Vol 8 #28

Jul 17, 2018 9:35:31 AM By Stu Sjouwerman

Ransomware Mid-Year Update: It’s Worse Than Ever

Jul 16, 2018 4:59:06 PM By Stu Sjouwerman

We’re finally getting a look at how much ransomware attacks have been seen in the wild in the first half of 2018 – and the numbers are astounding.

Another Hacking Scandal? Russians could be behind 'cyber caliphate'

Jul 16, 2018 7:13:30 AM By Stu Sjouwerman

The US Senate is asking the Justice Department to look into the possibility that an Islamic extremist hacking group was actually the work of the Russian government.

Russian Indictment: They Used Criminal Tradecraft like Spearphishing To Hack The Democratic Party

Jul 15, 2018 2:42:39 PM By Stu Sjouwerman

The email arrived in Hillary Clinton’s campaign chairman John Podesta’s inbox around March 19, 2016, during the height of the presidential primaries, spoofed to look like a standard ...

What Would You Like To Ask Kevin Mitnick About Social Engineering?

Jul 14, 2018 5:02:39 PM By Stu Sjouwerman

Here's your chance. Late August we'll do a live webinar with Kevin, and he asked me to find out what questions you have for him regarding social engineering, so we can cover them in this ...

Bad guys use Google's Golang to cross-compile multi-platform malware

Jul 14, 2018 4:34:36 PM By Stu Sjouwerman

Here is the bad news: The use of Google's Golang (also called Go) programming language allows attackers to cross-compile malware for use on multiple platforms, making potential attacks on ...

New Report: Mobile Phishing on the Rise

Jul 13, 2018 1:28:53 PM By Stu Sjouwerman

With users being three times more likely to click on a suspicious link on their mobile device, along with over half of mobile users tapping on a phishing URL, mobile phishing is a bigger ...

[Scam Of The Week] Amazon Prime Day Is Only 4 days away

Jul 12, 2018 4:35:15 PM By Stu Sjouwerman

It's a prime opportunity for the bad guys to send a raft of phishing attacks. We do have a "Free Amazon Prime Account" template that we just modified to fit a Prime Day-style scam. It's ...

From the Phishing Archives: Just How Far Will Cybercriminals Go for a Scam? Apparently into Outer Space.

Jul 12, 2018 11:08:53 AM By Stu Sjouwerman

The Nigerian Prince scam was found taking a turn upwards to the stars, seeking your help to bring a poor lonely astronaut home.

Do You Have A Millennial Security Awareness Training Gap?

Jul 12, 2018 11:04:51 AM By Stu Sjouwerman

Unlike previous generations, millennials have used (and trusted) technology all their lives. So, does it cause a gap in your organization’s Security Awareness Program?

North Korea Brings Light to a “Cool” Way to Spread Malware

Jul 12, 2018 11:02:27 AM By Stu Sjouwerman

In the midst of all the political talk about the recent summit between the United States and North Korea, one particular gift caught the eye of security experts.

Sextortion Phishing Campaign Uses Recipient's Hacked Passwords

Jul 12, 2018 10:31:33 AM By Stu Sjouwerman

Krebs on Security has posted a new item: "Here's a clever new twist on an old email scam that could serve to make the con far more believable. The message purports to have been sent from ...

Security Awareness Training Blog

View Topics