Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Chief Executive Officer & President

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.


Recent Posts

FBI Warns of Spike in W2 Phishing But Two Central Texas Employers Fall For The Scam

The FBI has joined the IRS in warning that W2 tax form phishing is on the rise. The US tax filing deadline is now less than a month-and-a-half away, and tax-themed phishing is trending ...
Continue Reading

[On-Demand Webinar] What Most Computer Security Defenses Are Doing Wrong and How to Fix It

Most companies have huge gaps in their computer security defenses, and can be compromised at will by a determined hacker. The industry even has a term for it: “Assume Breach”. But it ...
Continue Reading

Another Ransomware Variant Strikes Colorado DOT Days after Initial Attack

Colorado’s Department of Transportation (CDOT) has suffered an infection from another variant of the same ransomware family that attacked it just days earlier. On 1 March, a variant of ...
Continue Reading

UK University Students Lose £100,000 to Phishing

Phishing technique aided by social engineering in the form of using social channels to friend victims and create fake events to get creds. UK university students have been conned out of ...
Continue Reading

Almost One Quarter Of Canadians Have Clicked On A Phishing Link

TORONTO, March 1, 2018 /CNW/ - Online payment fraud like phishing is a growing trend, and Canadians are worried about it. According to a new survey conducted by Interac Corp., Canadians ...
Continue Reading

Ad Network Uses Advanced Malware Technique To Conceal Cryptojacking Ads

I blogged a few days ago about a method to embed a crypto-mining script in a Word doc. Turns out an ad network has done an even better job! Arstechnica wrote: "Domain-name algorithms are ...
Continue Reading

Financial phishing accounts for over 50% of all phishing attacks for the first time

In 2017 Kaspersky Lab’s anti-phishing technologies detected over 246 million user attempts to visit different kinds of phishing pages. Of those, over 53 per cent were attempts to visit a ...
Continue Reading

Hackers Invade German Ministries of Defense and Foreign Affairs

Foreign hackers have invaded secure networks of various German government departments. According to German and Dutch media, the Ministries of Foreign Affairs and Defense were among the ...
Continue Reading

Organizations Are Failing To Learn From Phishing And Ransomware Attacks

Warwick Ashford, security editor at ComputerWeekly had an interesting observation after reading CyberArk's latest cyber threat report: "Organisations are failing to learn from cyber ...
Continue Reading

Defender Comes To Aid Of Older Microsoft Windows Versions

Antivirus companies are not going to like this. Microsoft blogged that their Windows Defender Advanced Threat Protection (ATP) security service soon will be coming to Win7 and Win8.1 ...
Continue Reading

Annabelle: The Terrifying New Ransomware Variant

A new ransomware variant called Annabelle has been discovered, which seems to have been designed to ‘show off the skills’ of the developer who created it, by being as difficult to deal ...
Continue Reading

Which phishing messages have a near 100% click rate?

Zeljika at HelpnetSecurity had a great summary of Wombat's latest State of the Phish report: "Training employees to spot phishing emails, messages and phone calls can’t be done just once ...
Continue Reading

The Class Action Litigation Consequences of Business Email Compromise Attacks

Sunil Shenoi, Seth Traxler and Gianni Cutri are partners at Kirkland & Ellis LLP and advise clients on a variety of data security issues, including responding to data security ...
Continue Reading

2,000 Systems Down Due To SamSam Ransomware Infection At Colorado Department of Transportation

February 22, the attack hit CDOT’s computers, encrypted files and demanded to pay the ransom in Bitcoins. Security officials shut down more than 2,000 employee computers while they ...
Continue Reading

Insider Trading Can Pose Cyber Security Risks Says SEC Chair Clayton

Securities and Exchange Commission Chair Jay Clayton warned today insider trading by executives from undisclosed hacks and weak protections can pose cyber security risks to the reputation ...
Continue Reading

Bad news: 43% of login attempts 'malicious' Good news: Er, umm...

The Register in the UK reported: "An extraordinary 43 per cent of all attempted online account logins are malicious, Akamai claims in its latest internet security report. "Credential ...
Continue Reading

Now *HERE* Is A Devious Combo pretexting / vishing / SMS Social Engineering Attack!

Someone on Reddit described how he was the victim of a very sophisticated social engineering attack. Wow, this is crafty. This is the story!: "I have different passwords for every website ...
Continue Reading

PHISHING SCHEMES NET HACKERS MILLIONS OF DOLLARS FROM FORTUNE 500

IBM has uncovered sophisticated CEO Fraud campaigns—aka Business Email Compromise—which are successfully targeting Fortune 500 companies. On Wednesday, researchers from IBM's X-Force ...
Continue Reading

Cryptojacking Scripts And Phishing Pages Could Soon Invade Your Word Documents

Let's open that doc file and watch the Matrix again. Catalin Cimpanu at Bleepingcomputer had the scoop on this concerning news: "Cryptojacking scripts that mine Monero via JavaScript code ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews