Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Chief Executive Officer & President

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.


Recent Posts

New Defray Ransomware Demands $5,000 In Customized Spear Phishing Attacks

This newly discovered ransomware strain is targeting healthcare, education, manufacturing and tech sectors in the US and UK, using customized spear phishing emails. Defray is demanding a ...
Continue Reading

The RopeMaker Exploit Can CHANGE An Already Delivered Email

Our friends at Mimecast are warning against something scary! This is a sobering example of why scanners and filters will always be behind in the security arms race... They wrote: "Most ...
Continue Reading

Health Care Systems Remain Targets of Ransomware And Phishing Attacks in 2017

Health care networks and providers are squarely in the cross hairs of ransomware cyber criminals and if the current rate of attacks continue it will likely exceed last years' events ...
Continue Reading

Microsoft Wakes Up To The Fact That Cyber Security Risk Is A Business Risk [VIDEO]

The 800-pound Redmond Gorilla asks: "Should your security focus be on systems or people?" They wrote: "In the latest Modern Workplace episode, “Cyber Intelligence—The Human Element,” we ...
Continue Reading

Enigma Hacked Before ICO Date -- CEO Had Not Changed A Compromised Password

Wherever there’s a lot of money to be made cyber thieves are not far behind. Think sharks surrounding a bait ball. Enigma is a financial data marketplace founded by a team from MIT which ...
Continue Reading

Inside The New York Hospital That Was Down For 6 Weeks Due To Ransomware

If you ever needed ammo to convince budget holders that you need more IT security resources, this is the link to send them. It is a great discussion-starter how an attack like this would ...
Continue Reading

[On-Demand Webinar] How To Phish Like the Bad Guys

Despite all the spectacular news stories about advanced persistent threats and targeted hacks from nation-states, the most common security challenge facing enterprises today continues to ...
Continue Reading

SyncCrypt Uses Graphic File to Cloak Ransomware in ZIP Phishing Payload

Emisoft Security researcher xXToffeeXx discovered another new phishing threat adept at bypassing Antivirus using a variation of the game played by PowerPoint PPSX attachment phishing ...
Continue Reading

Criminals Use Social Engineering To Make Victims Install Malicious Chrome Extensions

The attackers did reconnaissance on their targets, using social networks which people inside the organization were involved in making financial transactions. These victims were then ...
Continue Reading

Here Is A Cool And Useful INFOGRAPHIC About Social Engineering

Kevin Mitnick, KnowBe4's Chief Hacking Officer retweeted a link to well-executed infographic about Social Engineering, and here it is, courtesy of the team at Smartfile.com
Continue Reading

New Study: Phishing Is Still The Top Threat Faced By Organizations

The new 2017 SANS Threat Landscape survey from the well-known research and education specialist finds that security professionals rate phishing at 72 percent, spyware at 50 percent, ...
Continue Reading

Ukrainian Coder May Be First Potential Witness of DNC Phishing Attack

A lengthy and fascinating article in the New York Times by Andrew E. Kramer and Andrew Higgens on August 16, 2017 reported that a Ukranian coder known to his friends on the “dark web” as ...
Continue Reading

Large Insurance Company Settles for $5.5 Million over "Failed To Patch" Data Breach

A large insurance company (Nationwide) agreed to pay a total of $5.5 Million to settle charges brought by 32 states resulting from the loss of critical consumer information attributable ...
Continue Reading

This Is A First: Spear Phishing Attack Uses Compromised PowerPoint Slide Deck

Bad guys are exploiting the CVE-2017-0199 vulnerability to bypass endpoint security software and deliver the Remcos remote access Trojan via Microsoft PowerPoint decks. This particular ...
Continue Reading

Survey of 2600 IT Pros: "Password Procedures Still Are A Cyber Security Fail"

After the NIST passwords bombshell, we surveyed 2,600 IT professionals to find out how they were managing passwords. The answers show that IT Pros are generally receptive to the proposed ...
Continue Reading

The Cyber Security Of Our Electricity Grid

Guest Blogger Craig Reeds commented on the safety of our Electricity Grid. "Over the last couple of years, there has been a lot of discussion about the security of the electric grid. We ...
Continue Reading

OK, Who -Is- This Stu Guy Anyway? [VIDEO]

I had a freelance video PR crew follow me one day at Black Hat, and here are two short clips that will give you an idea of who the heck I am.
Continue Reading

APT28 Uses Spear Phishing and NSA EternalBlue Exploit To Attack Hotel Wi-Fi

Russian APT28 (aka the Fancy Bear hacking group) is harnessing EternalBlue; NSA's Windows SMB exploit which made the WannaCry ransomware and Petya so effective — and are using it to ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews