Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

More Carrots and Fewer Sticks

Aug 27, 2024 7:30:00 AM By Roger Grimes
This blog was co-written by Perry Carpenter and Roger A. Grimes. As I sit in the 2024 Seattle Convene conference this week and listen to speaker after speaker talk about their successful ...
Continue Reading

Ransomware Recovery Costs Have Doubled for State and Local Governments

Aug 27, 2024 7:30:00 AM By Stu Sjouwerman
Thirty-four percent of state and local government entities were hit by ransomware in 2024, a new report from Sophos has found. While this is a decrease compared to the attack rate in ...
Continue Reading

KnowBe4 Expands Children’s Interactive Cybersecurity Activity Kit for 2024/2025 School Year

Aug 26, 2024 8:00:00 AM By John Just
Can you believe it’s already back-to-school time for many? Where has the summer gone?
Continue Reading

Business Email Compromise Scams Rise 20%, Making up Nearly Half of all Spam Emails

Aug 23, 2024 3:07:33 PM By Stu Sjouwerman
New research on email threats points to AI-based tools to assist in generating BEC content. And the overwhelming targeted role may or may not surprise you.
Continue Reading

The Number of Email-Based Cyber Attacks Detected Surge 239% in 1H 2024

Aug 23, 2024 3:07:30 PM By Stu Sjouwerman
New data shows the most prevalent and obvious path into an organization – email – continues to be exploited by a growing number of cybercriminals.
Continue Reading

Malvertising Campaign Impersonates Dozens of Google Products

Aug 23, 2024 8:48:25 AM By Stu Sjouwerman
A malvertising campaign is abusing Google ads to impersonate Google’s entire product line, according to researchers at Malwarebytes. The malicious ads are designed to lure victims into a ...
Continue Reading

Deceptive AI: A New Wave of Cyber Threats

Aug 23, 2024 8:48:22 AM By Javvad Malik
As artificial intelligence (AI) technology advances, its influence on social media has become more and more pervasive and riddled with challenges. In particular, the ability for humans to ...
Continue Reading

US Political Campaigns Targeted by Iranian Spear Phishing Attacks

Aug 21, 2024 4:02:10 PM By Stu Sjouwerman
Researchers at Recorded Future’s Insikt Group warn that the Iranian state-sponsored threat actor “GreenCharlie” is launching spear phishing attacks against US political campaigns.
Continue Reading

Phishing Scammers Leverage Microsoft Dynamics 365 to Target US Government Contractors

Aug 21, 2024 4:02:07 PM By Stu Sjouwerman
Analysis of a phishing campaign targeting thousands of government contractors, dubbed “Operation Uncle Sam,” takes advantage of some sophisticated steps to avoid detection.
Continue Reading

Threat Actors Abuse URL Rewriting to Mask Phishing Links

Aug 21, 2024 2:33:55 PM By Stu Sjouwerman
Threat actors are abusing a technique called “URL rewriting” to hide their phishing links from security filters, according to researchers at Perception Point.
Continue Reading

Cybersecurity in 2024: Reflecting on the Past, Preparing for the Future

Aug 21, 2024 2:33:51 PM By Martin Kraemer
As Europe is returning from summer breaks, it is time to reflect on the first half of 2024 and look forward to the rest of the year.
Continue Reading

CyberheistNews Vol 14 #34 [HEADS UP] Real Social Engineering Attack on KnowBe4 Employee Foiled

Aug 20, 2024 9:00:00 AM By Stu Sjouwerman
Continue Reading

The Long Road to Recovery Following a Ransomware Attack

Aug 19, 2024 1:58:51 PM By Javvad Malik
When it comes to the duration of a ransomware attack and the subsequent recovery process, the numbers are staggering and vary wildly. Partly because there’s no single source which ...
Continue Reading

U.K. Management Almost Twice as Likely to Fall for Phishing Attacks Versus Entry-Level Employees

Aug 19, 2024 1:58:47 PM By Stu Sjouwerman
Highlights from a new survey focused on employee compliance reveals just how targeted and susceptible U.K. businesses are to phishing attempts.
Continue Reading

Ransomware Group Known as ‘Royal’ Rebrands as BlackSuit and Is Leveraging New Attack Methods

Aug 19, 2024 8:34:46 AM By Stu Sjouwerman
The ransomware threat group formerly known as "Royal" has rebranded itself as BlackSuit and updated their attack methods, warns the FBI.
Continue Reading

Is Disabling Clickable URL Links Enough?

Aug 19, 2024 8:34:42 AM By Roger Grimes
Recently, we had a customer reach out to ask if disabling clickable uniform resource locator (URL) links in emails was enough protection by itself to potentially not need employee ...
Continue Reading

[PROVED] Unsuspecting Call Recipients Are Super Vulnerable to AI Vishing

Aug 16, 2024 3:04:50 PM By Perry Carpenter
Heads-up: I just proved that unsuspecting call recipients are super vulnerable to AI vishing
Continue Reading

File-Sharing Phishing Attacks Increased by 350% Over the Past Year

Aug 15, 2024 12:28:38 PM By Stu Sjouwerman
File-sharing phishing attacks have skyrocketed over the past year, according to a new report from Abnormal Security.
Continue Reading

Ransomware Payments Decline While Data Exfiltration Payments Are On The Rise

Aug 15, 2024 12:28:35 PM By Stu Sjouwerman
The latest data from Coveware shows a slowing of attack efficacy, a decrease in ransom payments being made, and a shift in initial access tactics.
Continue Reading

Latest Phishing Scam Uses Cross-Site Scripting Attack to Harvest Personal Details

Aug 15, 2024 10:55:02 AM By Stu Sjouwerman
Cross-Site Scripting (XSS) is alive and well, and used in attacks to obfuscate malicious links in phishing emails to redirect users to threat-actor controlled websites.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews