Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Chief Executive Officer & President

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.


Recent Posts

QR Code Phishing is Still on the Rise. The SEG is Dead.

Organizations need to be aware of the threat posed by QR code phishing (quishing), according to researchers at Trend Micro.
Continue Reading

Nearly All Ransomware Attacks Now Include Exfiltration of Data…But Not All Are Notified

Organizations are falling victim to ransomware attacks where data is stolen, but the victim isn’t being told about it. I have a theory as to why this is happening.
Continue Reading

How The Whole World Now Knows About Fake North Korean IT Workers

Wow! Last week's blog post went viral, reaching major media outlets and receiving over 125,000 views within days. Responses from around the world praised our transparency and commitment ...
Continue Reading

New Phishing Scam Leverages Chat To Add Credibility And Ensure Success

A new phishing scam is leveraging trusted aspects of ecommerce to make their scams look legitimate.
Continue Reading

Phishing Campaigns Continue To Exploit CrowdStrike Outage

As expected, threat actors are taking advantage of the global IT outage caused by a faulty CrowdStrike update last Friday, SC Media reports.
Continue Reading

Russian Super-Threat Group Fin7 Comes Back from the Dead

Declared “dead” by the U.S. Attorney’s Office in 2023, the Russian cyber crime group Fin7 is impersonating some of the top global brands.
Continue Reading

Your KnowBe4 Fresh Content Updates from July 2024

Check out the 26 new pieces of training content added in July, alongside the always fresh content update highlights, events and new features.
Continue Reading

Your KnowBe4 Compliance Plus Fresh Content Updates from July 2024

Check out the July updates in Compliance Plus so you can stay on top of featured compliance training content.
Continue Reading

North Korean Fake IT Worker FAQ

Frequently Asked Questions About KnowBe4's Fake IT Worker Blog July 23, 2024, I wrote a blog post about how KnowBe4 inadvertently hired a skillful North Korean IT worker who used the ...
Continue Reading

Phishing Campaigns Abuse Cloud Platforms to Target Latin America

Several threat actors are abusing legitimate cloud services to launch phishing attacks against users in Latin America, according to Google’s latest Threat Horizons Report.
Continue Reading

Crypto Data Breach Continues to Fuel Phishing Scams Years Later

According to security researchers at Cisco Talos, emails impersonating legitimate officers at the Cyprus Securities and Exchange Commission are being sent to prior Opteck customers that ...
Continue Reading

How a North Korean Fake IT Worker Tried to Infiltrate Us

Incident Report Summary: Insider Threat First of all: No illegal access was gained, and no data was lost, compromised, or exfiltrated on any KnowBe4 systems. This is not a data breach ...
Continue Reading

Phishing Attacks Will Likely Follow Last Week’s Global IT Outage

Organizations should expect to see phishing attacks exploiting the global IT outage that occurred last Friday, the Business Post reports.
Continue Reading

CrowdStrike Phishing Attacks Appear in Record Time

I have been the CEO of an anti-virus software developer. We had a special acronym for catastrophic events like this, a so-called "CEE". As in Company Extinction Event. But first: Our ...
Continue Reading

78% of Organizations Are Targets of Ransomware Attacks Two or More Times in Twelve Months

New data puts the spotlight on the frequency and impact of modern ransomware attacks, highlighting the overconfidence organizations are showing in their ability to defend and respond to ...
Continue Reading

Cyber Threats Targeting the 2024 Paris Olympics

Our friends at the CyberWire reported: "ZeroFox and Fortinet have both published reports on threats facing the 2024 Olympics in Paris. ZeroFox says the primary cybersecurity threat will ...
Continue Reading

Change Healthcare Ransomware Attack May Cost Nearly $2.5 Billion

The ransomware attack against UnitedHealth Group’s Change Healthcare platform is expected to cost the company up to $2.45 billion, more than a billion dollars more than was previously ...
Continue Reading

7 in 10 Organizations Experienced a Business Email Compromise Attack in the Last 12 Months

Despite ransomware getting the lion’s share of the tech pub headlines, business email compromise (BEC) attacks are alive and well… and having a material impact.
Continue Reading

New Ransomware Threat Group Calls Attack Victims to Ensure Payments

Analysis of new ransomware group Volcano Demon provides a detailed look into how and why calling victims ups the chances of ransomware payment.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews