Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

[Scary] A New Real Cash Scam Sweeps Across the U.S. Warn Your Family and Friends!

Apr 17, 2025 4:32:24 PM By Roger Grimes
Right now, today, thousands of people are being tricked into going to their banks or credit unions to withdraw large sums of cash and will give or send it to a complete stranger, never to ...
Continue Reading

Lack of Security Awareness Tops List of Obstacles to Cyber Defense

Apr 17, 2025 1:37:19 PM By Stu Sjouwerman
Most organizations cite low security awareness among employees as the biggest barrier to defending against cyberattacks, according to a new survey by CyberEdge Group.
Continue Reading

The Continued Abuse of Legitimate Domains: A Spike in the Exploitation of Google Drive to Send Phishing Attacks

Apr 17, 2025 1:36:59 PM By KnowBe4 Threat Lab
First QuickBooks, then Microsoft, and now Google—will the hijacking of legitimate third-party platform communications stop escalating in 2025? Our Threat Labs researchers predict the ...
Continue Reading

How Does Human Risk Management Differ from Security Awareness Training?

Apr 16, 2025 12:13:48 PM By Stu Sjouwerman
In today's cybersecurity landscape, organizations face an ever-present and often underestimated threat: human risk. Despite significant advancements in technological defenses, human error ...
Continue Reading

AI-Powered Spear Phishing Can Now Outperform Human Attackers

Apr 16, 2025 12:13:09 PM By Stu Sjouwerman
Researchers at Hoxhunt have found that AI agents can now outperform humans at creating convincing phishing campaigns.
Continue Reading

UK Organizations Cite Phishing as the Most Disruptive Type of Cyberattack

Apr 15, 2025 11:03:55 AM By Stu Sjouwerman
Phishing was the most prevalent and disruptive type of attack experienced by UK organizations over the past twelve months, according to the British government’s Cyber Security Breaches ...
Continue Reading

CyberheistNews Vol 15 #15 [HEADS UP] North Korea Expands Its Fraudulent IT Worker Operations

Apr 15, 2025 9:00:00 AM By Stu Sjouwerman
Continue Reading

Hidden Threats in Our Power Grid: The Chinese Transformer Backdoor Scandal

Apr 14, 2025 9:53:50 AM By Stu Sjouwerman
America's critical infrastructure faces an unprecedented threat, and it's already installed in hundreds of locations across the nation.
Continue Reading

Warning: QuickBooks Phishing Campaign Targets Taxpayers

Apr 11, 2025 6:49:55 PM By Stu Sjouwerman
Cybercriminals are capitalizing on tax season by launching phishing campaigns targeting QuickBooks users, Malwarebytes reports.
Continue Reading

Europe's Energy Sector at Risk: The Critical Need for Cybersecurity

Apr 11, 2025 6:49:08 PM By Martin Kraemer
Reliable energy is the backbone of any modern society. It powers our homes, industries, and economies. But what happens when this essential infrastructure becomes a target for ...
Continue Reading

Beware the Tax Trap: Seasonal Urgency Drives a Spike in Tax-Related Phishing Scams

Apr 10, 2025 3:05:03 PM By KnowBe4 Threat Lab
Cybercriminals are quick to exploit seasonal events — and tax season is no exception. It’s a yearly honeypot for cybercriminals, who take advantage of heightened stress, tight deadlines, ...
Continue Reading

Shadow AI: A New Insider Risk for Cybersecurity Teams to Tackle Now

Apr 10, 2025 3:04:40 PM By James McQuiggan
Disclaimer: Don't get me wrong, I love using generative AI daily for research and writing. This is about how other users could be using it when they don't know what they don't know and ...
Continue Reading

64% of Australian Organizations Hit by Ransomware Were Forced to Halt Operations

Apr 10, 2025 3:04:15 PM By Stu Sjouwerman
Illumio’s recent Global Cost of Ransomware Study found that 64% of Australian companies hit by ransomware had to shut down operations as a result.
Continue Reading

Seeing (and Hearing) Isn’t Believing: My SEC Presentation on AI-Driven Scams

Apr 10, 2025 3:03:48 PM By Perry Carpenter
On March 6, I had the opportunity to speak and provide testimony at the SEC Investor Advisory Committee’s panel on Retail Investor Fraud in America—a critical discussion about how AI is ...
Continue Reading

Securing Employee Identities: Expert Tips for Identity Management Day 2025

Apr 10, 2025 10:13:28 AM By Stu Sjouwerman
With this week being Identity Management Day on April 8th, it's the perfect reminder for organizations to focus on protecting their employees' digital identities.
Continue Reading

Russian Threat Actor Launches Spear-Phishing Campaign Against Ukrainians

Apr 10, 2025 10:13:12 AM By Stu Sjouwerman
The Russian threat actor Gamaredon is targeting Ukrainians with spear-phishing documents related to troop movements, according to researchers at Cisco Talos.
Continue Reading

[HEADS UP] North Korea Expands Its Fraudulent IT Worker Operations

Apr 9, 2025 9:10:47 AM By Stu Sjouwerman
North Korea’s fraudulent employment operations have expanded to hit countries around the world, with a particular focus on Europe, according to researchers at Google’s Threat Intelligence ...
Continue Reading

The Real Deal: How Cybercriminals Exploit Legitimate Domains

Apr 9, 2025 9:09:57 AM By James Dyer
When it comes to secure email gateways (SEGs), the narrative is quite simple. For years, organizations have relied on SEGs as the foundation of their email security.
Continue Reading

CyberheistNews Vol 15 #14 [Heads Up] QR Code Phishing is Getting More Stealthy Fast

Apr 8, 2025 9:00:00 AM By Stu Sjouwerman
Continue Reading

Your KnowBe4 Compliance Plus Fresh Content Updates from March 2025

Apr 7, 2025 10:20:24 AM By Stu Sjouwerman
Check out the March updates in Compliance Plus so you can stay on top of featured compliance training content.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews