Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Chief Executive Officer & President

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.


Recent Posts

A Must See for KnowBe4 Customers and Partners: Geoff White to Keynote KB4-CON EMEA 2024

As a valued KnowBe4 customer and partner, we're thrilled to bring you exciting news about our upcoming KB4-CON EMEA 2024 in London.
Continue Reading

North Korean Hackers Target Software Developers With Phony Coding Tests

Researchers at ReversingLabs warn that North Korea’s Lazarus Group is targeting software developers with phony job interviews.
Continue Reading

SANS Releases Guide to Address Rise in Attacks on Manufacturing and Industrial Control Systems

Increased ransomware attacks on industrial control systems (ICS), mixed with general ICS insecurity found across the manufacturing sector, has given rise to a guide specifically ...
Continue Reading

CyberheistNews Vol 14 #38 [CODE RED] A Must-See New Webinar: How To Block North Korean Infiltrators

Phishing Attack Takes a Two-Step Approach to Leverage Legitimate Sites and Evade Detection. [4-Minute Survey] Share Your Thoughts on AI in InfoSec With Me? Email not displaying? | View ...
Continue Reading

New Ransomware Threat Group, RansomHub, is so Effective, the NSA is Already Warning You About Them

The latest evolution of the ransomware service model, RansomHub, has only been around since February of this year, but its affiliates are already successfully exfiltrating data.
Continue Reading

BEC Scams Have Caused $55 Billion in Losses Over the Past Ten Years

Business email compromise (BEC) attacks have caused more than $55 billion in losses between 2013 and 2023, according to an advisory from the U.S. Federal Bureau of Investigation (FBI).
Continue Reading

[4-Minute Survey] Share Your Thoughts on AI in InfoSec With Me?

Can you help me with your input? I'd love your thoughts about AI in InfoSec. This is a super short survey that asks about any AI tools you use or would like, how you feel about AI ...
Continue Reading

Authorized Push Payment Fraud Responsible for Over Half of U.K. Frauds and Scams

Research from The Financial Ombudsman Service, a U.K. based organization dedicated to helping citizens with free financial advice, has found an increase in Authorized Pushed Payment (APP) ...
Continue Reading

Attackers Using HTTP Response Headers to Redirect Victims to Phishing Pages

Researchers at Palo Alto Networks’ Unit 42 warn that attackers are using refresh entries in HTTP response headers to automatically redirect users to phishing pages without user ...
Continue Reading

Your Lawyers Are Increasingly Targeted by Phishing Attacks, Ransomware

Researchers at Bitdefender warn that law firms are high-value targets for ransomware gangs and other criminal threat actors. Attackers frequently use phishing to gain initial access to an ...
Continue Reading

Losses From Investment Scams have Increased Six-Fold Since 2021

The Better Business Bureau (BBB) has observed a six-fold increase in losses from investment scams over the past three years. The BBB has received more than 4,000 reports of investment ...
Continue Reading

Election-Themed Scams Are on the Rise

Researchers at Malwarebytes warn of a surge in election-themed scams ahead of November’s presidential election in the US. These attacks can be expected to increase as the election grows ...
Continue Reading

Use of Malicious Links Surges by 133% in Q1, Setting the Tone for the First Half of 2024

Threat actors are opting for malicious links over attachments in email-based attacks because it gives them a critical advantage that many solutions can’t address.
Continue Reading

Phishing Attack Takes a Two-Step Approach to Leverage Legitimate Sites and Evade Detection

Analysis of a new phishing attack demonstrates how attackers may take a longer path to reach their malicious goals while staying “under the radar” of security products.
Continue Reading

Manufacturing Sector Is the Latest Target of Advanced Credential Harvesting Attacks

A new attack runs slow and steady, focused on compromising large manufacturing companies using contextual social engineering to trick victims into giving up credentials.
Continue Reading

Phishing is Still the Top Initial Access Vector

Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by ...
Continue Reading

Threat Actors Increasingly Exploit Deepfakes for Social Engineering

The availability of deepfake technology has given threat actors a valuable tool for social engineering attacks, according to researchers at BlackBerry.
Continue Reading

Organizations in the Middle East Targeted By Malware Impersonating Palo Alto GlobalProtect VPN

A social engineering campaign is targeting entities in the Middle East using malware that impersonates Palo Alto Networks’ GlobalProtect VPN, according to researchers at Trend Micro.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews