Stu Sjouwerman

Chief Executive Officer & President

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

Books

Cyberheist E-Book

Find all of Stu's books on Amazon

Phishing in the Service of Espionage

Jan 9, 2023 9:14:12 AM By Stu Sjouwerman

Reuters describes a cyberespionage campaign carried out by the hitherto little-known threat group researchers track as "Cold River." The group is circumstantially but convincingly linked ...

A Look Back at Mobile Government Cyberattacks Shows Increased Attacks and Weaker Security

Jan 6, 2023 2:43:01 PM By Stu Sjouwerman

A rise in the reliance on unmanaged mobile devices, matched with a lack of patching and increased attacks seeking solely to steal credentials was a perfect storm for government.

Ransomware and Fraudulent Funds Transfer are the Two Main Drivers of Cyber Loss

Jan 6, 2023 8:51:44 AM By Stu Sjouwerman

Representing more than half of all cyber loss, new data shows these attacks all begin with employees falling for social engineering, phishing, and business email compromise.

New Crypto Scam Targets Flipper Zero Buyers Impersonating Legitimate Shops

Jan 5, 2023 1:40:59 PM By Stu Sjouwerman

Interest in the handheld open-source multi-function cybersecurity tool by techies has risen to a new campaign seeking to steal crypto funds through illegitimate “sales” of the device.

Phishing Campaigns Impersonate the UK Government

Jan 5, 2023 8:34:42 AM By Stu Sjouwerman

The UK’s National Cyber Security Centre (NCSC) has outlined the top six most impersonated UK government agencies in 2022. The most impersonated entity was the National Health Service ...

These grim figures show that the ransomware problem isn't going away

Jan 5, 2023 8:32:40 AM By Stu Sjouwerman

ZDNet summarized the problem as follows: "Up to 1,981 schools, 290 hospitals, 105 local governments and 44 universities and colleges were hit with ransomware in the US alone during 2022, ...

CyberheistNews Vol 13 #01 [Heads Up] Giant LastPass Breach Can Supercharge Spear Phishing Attacks

Jan 4, 2023 9:30:00 AM By Stu Sjouwerman

Using AI Large Language Models to Craft Phishing Campaigns

Jan 4, 2023 8:41:49 AM By Stu Sjouwerman

Researchers at Check Point have shown that Large Language Models (LLMs) like OpenAI’s ChatGPT can be used to generate entire infection chains, beginning with a spear phishing email. The ...

There is a New Trend in Social Engineering with a Disgusting Name; "Pig-butchering"

Jan 3, 2023 1:52:21 PM By Stu Sjouwerman

The technique began in the Chinese underworld, and it amounts to an unusually protracted form of social engineering. The analogy is with fattening up a pig, then butchering it for all ...

Finance and Insurance Is the Sector Most Impacted by Data Breaches In 2022

Dec 30, 2022 2:40:01 PM By Stu Sjouwerman

Analysis of the year’s breaches shows Finance and Insurance businesses are the most targeted and have lost a material count of records as a result.

One Out of 10 Threats Still Make It All the Way to the Endpoint

Dec 30, 2022 2:34:39 PM By Stu Sjouwerman

Despite good intentions, layered security measures, and efficacy claims by security solution vendors, new data shows that email-based threats are still getting all the way to the Inbox.

Your KnowBe4 Fresh Content Updates from December 2022

Dec 30, 2022 9:21:35 AM By Stu Sjouwerman

Check out the 36 new pieces of training content added in December, alongside the always fresh content update highlights and new features.

Phishing Activity Rose 130% in the Second Half of 2022, Representing Three-Quarters of All Email-Based Attacks

Dec 29, 2022 10:22:48 AM By Stu Sjouwerman

New data focused on cyberattacks in the second half of the year-to-date shows phishing taking the overwhelming lead as the initial attack vector of choice.

CyberheistNews Vol 12 #52 [Heads Up] Top 10 Cyber Security Predictions for Next Year. Read It, This Is a Good One

Dec 28, 2022 9:30:15 AM By Stu Sjouwerman

[Eye Opener] Insurance policy doesn’t cover ransomware attack, Ohio Supreme Court says

Dec 28, 2022 7:15:35 AM By Stu Sjouwerman

Dec. 27, 2022, The Ohio Supreme Court ruled in favor of an insurance company, determining that its contract to cover any direct physical loss or damage to property did not encompass ...

Attackers Pose as Facebook Support Using Legitimate Facebook Posts to Bypass Security Solutions

Dec 27, 2022 9:24:49 AM By Stu Sjouwerman

Impersonating Facebook using its own platform against them, a new phishing attack takes advantage of victim’s inability to distinguish legitimate from illegitimate.

QBot Malware Attacks Use SVG files to Perform HTML Smuggling

Dec 27, 2022 9:20:16 AM By Stu Sjouwerman

QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows.

Microsoft Warns of Signed Drivers Being Used to Terminate AV and EDR Processes

Dec 22, 2022 4:17:28 PM By Stu Sjouwerman

The malicious abuse of several developer program accounts in Microsoft’s Windows Hardware Developer Program allowed threat actors to have malware evade detection.

The Number of Phishing Attacks Grows 15% in One Quarter, Reaching an All-Time High

Dec 22, 2022 9:44:33 AM By Stu Sjouwerman

New data shows that while ransomware remains somewhat flat, massive increases in business email compromise and response-based email attacks were seen last quarter.

New Polymorphic Wiper Malware Leaves Attacked Environments “Unrecoverable”

Dec 22, 2022 9:44:21 AM By Stu Sjouwerman

As an apparent method of political commentary on the war in Ukraine, the new Azov wiper uses a mix of intermittent overwriting and trojanizing Windows binaries to annihilate its’ victims.

Security Awareness Training Blog

View Topics