Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Human Risk Management Blog

Keeping you informed. Keeping you aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Apr 29, 2025 10:46:50 AM By Roger Grimes

What Is Device Code Phishing?

Ever since Microsoft’s initial announcement on February 13, 2025, about a Russian nation-state phishing campaign using "device code phishing," many people have been wondering what it is. ...

Apr 29, 2025 10:46:20 AM By Stu Sjouwerman

Criminals Exploit the Death of Pope Francis to Launch Scams

Scammers are exploiting the death of Pope Francis to launch social engineering attacks, according to researchers at Check Point.

Apr 29, 2025 10:45:38 AM By John Just

AJ from The Inside Man Now Coaching Your Users Real-time with Security Coach

Do your users love The Inside Man? See more of beloved character AJ, now in SecurityCoach!

Apr 29, 2025 9:00:00 AM By Stu Sjouwerman

CyberheistNews Vol 15 #17 [Warning] The Cyber "Broken Windows Theory" You Can't Afford to Ignore

Apr 25, 2025 4:04:29 PM By Stu Sjouwerman

Introducing the KnowBe4 Academy: Your Path to Mastering Human Risk Management

We're thrilled to announce the launch of KnowBe4 Academy—a comprehensive learning ecosystem designed specifically for security administrators, IT professionals and team members who manage ...

Apr 25, 2025 4:04:00 PM By Stu Sjouwerman

Social Engineering Campaign Abuses Zoom to Install Malware

A social engineering campaign is abusing Zoom's remote control feature to take control of victims’ computers and install malware, according to researchers at security firm Trail of Bits.

Apr 24, 2025 3:38:15 PM By Stu Sjouwerman

Half of Organizations Lack Protection Against Email Spoofing

A new report from Valimail has found that 50% of organizations lack effective protection against email spoofing.

Apr 24, 2025 3:37:39 PM By Javvad Malik

How Organizational Culture Shapes Cyber Defenses

Recently, I received an email at work from a company with whom I've had previous interactions. The email lacked context and contained an attachment, immediately raising suspicion.

Apr 23, 2025 3:26:08 PM By Stu Sjouwerman

Warning: Ransomware Remains a Top Threat for SMBs

A new report from Sophos found that ransomware attacks accounted for over 90% of incident response cases involving medium-sized businesses in 2024, as well as 70% of cases involving small ...

Apr 23, 2025 3:25:42 PM By Stu Sjouwerman

Breaking the Stigma: 90% of Employees Agree that Phishing Simulations Improve their Security Awareness

According to our independent survey of individuals across the UK, USA, Netherlands, France, Denmark, Sweden, the DACH region, and Africa who use a laptop as part of their work, 90.1% find ...

Apr 22, 2025 9:02:13 AM By Javvad Malik

Broken Cyber Windows Theory

Have you ever walked down a street with broken windows, burnt out cars, graffiti and felt a bit uneasy? There's a reason for that, and it's not just about aesthetics.

Apr 22, 2025 9:01:39 AM By Stu Sjouwerman

Threat Actors Are Increasingly Abusing AI Tools to Help With Scams

Cybercriminals are increasingly using AI tools to assist in malicious activities, according to Microsoft’s latest Cyber Signals report.

Apr 22, 2025 9:00:00 AM By Stu Sjouwerman

CyberheistNews Vol 15 #16 [Scary] A New Real Cash Scam Sweeps Across the U.S. Warn Your Family and Friends!

Apr 18, 2025 4:33:27 PM By Javvad Malik

Powering Down Vulnerability: Securing the Energy Sector's Supply Chain

The energy sector stands as a critical pillar of our society. From the electricity powering our homes to the fuel driving our industries, reliable energy is essential. However, the very ...

Apr 18, 2025 4:32:52 PM By Stu Sjouwerman

China Cybercriminals Behind Toll-Themed Smishing Attacks Surge in the US and UK

Resecurity warns that a China-based cybercriminal gang dubbed the “Smishing Triad” is launching a wave of road toll-themed SMS phishing (smishing) attacks against users across the US and ...

Apr 17, 2025 4:32:24 PM By Roger Grimes

[Scary] A New Real Cash Scam Sweeps Across the U.S. Warn Your Family and Friends!

Right now, today, thousands of people are being tricked into going to their banks or credit unions to withdraw large sums of cash and will give or send it to a complete stranger, never to ...

Apr 17, 2025 1:37:19 PM By Stu Sjouwerman

Lack of Security Awareness Tops List of Obstacles to Cyber Defense

Most organizations cite low security awareness among employees as the biggest barrier to defending against cyberattacks, according to a new survey by CyberEdge Group.

Apr 17, 2025 1:36:59 PM By KnowBe4 Threat Lab

The Continued Abuse of Legitimate Domains: A Spike in the Exploitation of Google Drive to Send Phishing Attacks

First QuickBooks, then Microsoft, and now Google—will the hijacking of legitimate third-party platform communications stop escalating in 2025? Our Threat Labs researchers predict the ...

Apr 16, 2025 12:13:48 PM By Stu Sjouwerman

How Does Human Risk Management Differ from Security Awareness Training?

Security doesn’t fail because of tools. It fails when human risk goes unmanaged.

Apr 16, 2025 12:13:09 PM By Stu Sjouwerman

AI-Powered Spear Phishing Can Now Outperform Human Attackers

Researchers at Hoxhunt have found that AI agents can now outperform humans at creating convincing phishing campaigns.

Subscribe

Search Our Blog


New call-to-action

Subscribe To Our Blog

Posts By Topic

View all

Get the latest insights, trends and security news. Subscribe to CyberheistNews.