Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Phishing Attacks Surged in Q2 2021

Phishing activity increased dramatically in the second quarter of 2021, according to a recent report by Vade. The company observed 4.2 billion phishing emails in June alone.
Continue Reading

Milanote Exploited to Host Phishing Content

Researchers at Avanan warn that attackers are exploiting the collaboration and note-taking app Milanote to host phishing links.
Continue Reading

Remote Employees Adopt Bad Cybersecurity Habits While Working from Home

A new report focused on businesses looking to bring employees back to the office makes it very clear that security leaders are concerned, as remote workers have been anything but secure.
Continue Reading

U.S. State Department Issues a Reward for Information on Foreign Cybercriminals Targeting Critical Infrastructure

In the wake of cyberattacks targeting U.S. infrastructure organizations, the U.S. government is stepping up measures to identify foreign threat actors and bring them to justice.
Continue Reading

Updated Ransomware Simulator Now With 23 Latest Infection Scenarios

As ransomware techniques continue to evolve, two new ransomware strains, DearCry and Black Kingdom, were blamed for the huge Microsoft Exchange server attacks earlier this year, which ...
Continue Reading

Microsoft Takes Down Homoglyph Domains

Microsoft has taken legal action to shut down eighteen domains that were being used in business email compromise (BEC) attacks. The sites in question used homoglyphs to impersonate ...
Continue Reading

[HEADS UP] 2021 Tokyo Olympics Mean Olympic-Themed Phishing Attacks

Last year, we reported that authorities warned of the Tokyo Olympics phishing attacks. Then the global pandemic occurred, and the games were postponed. Well, now the games have ...
Continue Reading

Mint Mobile, Porting Numbers, and Identity Theft

US telecommunications company Mint Mobile warned some users that their phone numbers had temporarily been ported to another carrier by an unauthorized individual, which allowed the ...
Continue Reading

Microsoft Continues to be the Top Impersonated Brand in Phishing Attacks

New data from CheckPoint identifies those brands being used by threat actors to trick victims into opening attachments, clicking links, providing credentials, and giving up personal ...
Continue Reading

The Cost and Impact of Cybercrime Can Now Be Measured in a Single Minute

With the number of threat actors growing rapidly, along with an increased frequency of attacks, RiskIQ has put together a sobering perspective of how cybercrime impacts us in just 60 ...
Continue Reading

[INFOGRAPHIC] New Report Shows Users Are Falling for Security and HR-Related Phishing Attacks

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...
Continue Reading

New LuminousMoth APT Takes a Double-Infection Vector Approach to Attacks

Spotted by security researchers at Kaspersky Labs, this large-scale yet extremely targeted campaign of attacks focuses on government organizations within Southeast Asia.
Continue Reading

Nearly Every Organization Has Had an Insider-Caused Data Breach in the Last Year

Whether it’s from an accidental leak of data or falling victim to a phishing attack, new data from email security vendor Egress puts the insider’s role in breaches into critical ...
Continue Reading

Facebook Disrupts Iranian Social Engineering Operation

Facebook has taken down an operation by Iranian hackers targeting military, defense, and aerospace entities, particularly focused on the US.
Continue Reading

[On-Demand Webinar] 2021 Phishing By Industry Benchmarking Report

As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to ...
Continue Reading

KnowBe4 Receives Four ISO Certifications From ISOQAR, A Certifying Organization

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, announced that it has received four certifications – ISO 27001:2013, ISO ...
Continue Reading

84% of Organizations Experienced Ransomware and Phishing-Related Security Events in the Last 12 Months

New research from Trend Micro and Osterman Research highlights where organizations are strongest and weakest at stopping phishing attacks resulting in ransomware.
Continue Reading

CISA Publishes Darkside Malware Analysis Report and Updated Best Practice Guidance Against Ransomware

New details provide valuable insight into exactly how Darkside works to compromise and encrypt systems, with valuable guidance to avoid becoming a victim of ransomware.
Continue Reading

Cryptocurrencies and Email Extortion Trends

Researchers at GreatHorn have found that 98.7% of extortion emails ask for payment in Bitcoin. Most of these emails aren’t targeted, but enough people will likely fall for them that the ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews