Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

The Hard Evidence That Phishing Training and Testing Really Works Great

Security awareness training (SAT) and simulated phishing works to significantly reduce cybersecurity risk. We have the data, customer testimonials and government recommendations to prove ...
Continue Reading

91% of Every Ransomware Attack Today Includes Exfiltrating Your Data

New insight into ransomware attacks show that cyber attacks are a top concern for organizations – with many not aware they were a victim until after the attack.
Continue Reading

Your KnowBe4 Fresh Content Updates from May 2024

Check out the 60 new pieces of training content added in May, alongside the always fresh content update highlights, events and new features.
Continue Reading

Cybercriminals Target Hajj Pilgrims

Criminals are launching a variety of scams targeting Muslims around the world who are planning on making the Hajj pilgrimage to Mecca, according to researchers at Resecurity.
Continue Reading

Criminals Abuse Cloud Storage Platforms to Host Phishing Sites

Threat actors are abusing cloud storage platforms to host phishing sites that can more easily evade detection by security scanners, according to researchers at Enea. Criminals are ...
Continue Reading

Threat Actor Void Manticore Uses Cyber Weapon “Wipers” to Destroy Data and Systems

This Pro-Hamas hacktivist group has updated their payload arsenal to include updated versions of their BiBi Wiper malware, and two new wiper variants.
Continue Reading

KnowBe4 Free Tools Now Available On CISA’s Website

We are big fans of the U.S. Cybersecurity Infrastructure Security Agency (CISA), whose informal slogan of “An organization so committed to security that it’s in our name twice” is a ...
Continue Reading

China Threat Actor Targeting African and Caribbean Entities With Spear Phishing Attacks

The China-aligned threat actor “Sharp Dragon” is launching spear phishing attacks against government entities in African and Caribbean countries, according to researchers at Check Point.
Continue Reading

[FedRAMP Phishing Rule]: "Users are the last line of defense and should be tested."

If you want to sell cloud-based software to the U.S. Government, you need to be FedRAMP authorized. This is what they state in their Program Overview:
Continue Reading

CISA Releases Cybersecurity Resources for High-Risk Communities

Working to ensure all communities within the United States are educated and prepared, the Cybersecurity and Infrastructure Security Agency (CISA) has released a set of tools, services and ...
Continue Reading

As Many as 1 in 7 Emails Make it Past Your Email Filters

Fluctuations in consecutive quarterly reports demonstrates that organizations should be worried that their cyber defenses may not be strong enough to stop phishing attacks.
Continue Reading

Secure Your Site: Learn from the Top 10 Cybersecurity Experts of 2024

Companies have needed a website for the last 25 years at least. But where do you host your site? The techies at HostingAdvice decided to create an extremely thorough real-world review ...
Continue Reading

New Research Finds Phishing Scams Targeting Popular PDF Viewer

Several phishing campaigns are targeting users of the Foxit PDF Reader, according to researchers at Check Point. Foxit is a popular alternative to Adobe Acrobat Reader for viewing PDF ...
Continue Reading

From Boredom to Engagement: Gamification in Cybersecurity Awareness

As someone who can barely keep up when my 10-year-old shows me around his Minecraft worlds, I was a bit apprehensive about writing a review of our gamified cybersecurity awareness module. ...
Continue Reading

UK Cybersecurity Org Offers Advice for Thwarting BEC Attacks

The UK’s National Cyber Security Centre (NCSC) has issued guidance to help medium-sized organizations defend themselves against business email compromise (BEC) attacks, especially those ...
Continue Reading

Don't Let Criminals Steal Your Summer Fun

Summer has finally arrived in certain parts of the world, and with it come many exciting events — from the grandeur of the Olympics to the grass courts of Wimbledon, from the electrifying ...
Continue Reading

Malicious Use of Generative AI Large Language Models Now Comes in Multiple Flavors

Analysis of malicious large language model (LLM) offerings on the dark web uncovers wide variation in service quality, methodology and value – with some being downright scams.
Continue Reading

Announcing KnowBe4 Student Edition: Cybersecurity Education Tailored for the Next Generation

I recently heard another heartbreaking story of students who were scammed out of financial aid by a phishing attack. We have also heard stories of employment scams and social media based ...
Continue Reading

The Shadow War: Cognitive Warfare and the Politics of Disinformation

For better or for worse, we live in a world that is an anarchy of nations. Over the last few decades, warfare has transcended traditional battlefields. We may already be experiencing a ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews