Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Human Risk Management Blog

Keeping you informed. Keeping you aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Apr 15, 2025 11:03:55 AM By Stu Sjouwerman

UK Organizations Cite Phishing as the Most Disruptive Type of Cyberattack

Phishing was the most prevalent and disruptive type of attack experienced by UK organizations over the past twelve months, according to the British government’s Cyber Security Breaches ...

Apr 15, 2025 9:00:00 AM By Stu Sjouwerman

CyberheistNews Vol 15 #15 [HEADS UP] North Korea Expands Its Fraudulent IT Worker Operations

Apr 14, 2025 9:53:50 AM By Stu Sjouwerman

Hidden Threats in Our Power Grid: The Chinese Transformer Backdoor Scandal

America's critical infrastructure faces an unprecedented threat, and it's already installed in hundreds of locations across the nation.

Apr 11, 2025 6:49:55 PM By Stu Sjouwerman

Warning: QuickBooks Phishing Campaign Targets Taxpayers

Cybercriminals are capitalizing on tax season by launching phishing campaigns targeting QuickBooks users, Malwarebytes reports.

Apr 11, 2025 6:49:08 PM By Martin Kraemer

Europe's Energy Sector at Risk: The Critical Need for Cybersecurity

Reliable energy is the backbone of any modern society. It powers our homes, industries, and economies. But what happens when this essential infrastructure becomes a target for ...

Apr 10, 2025 3:05:03 PM By KnowBe4 Threat Lab

Beware the Tax Trap: Seasonal Urgency Drives a Spike in Tax-Related Phishing Scams

Cybercriminals are quick to exploit seasonal events — and tax season is no exception. It’s a yearly honeypot for cybercriminals, who take advantage of heightened stress, tight deadlines, ...

Apr 10, 2025 3:04:40 PM By James McQuiggan

Shadow AI: A New Insider Risk for Cybersecurity Teams to Tackle Now

Disclaimer: Don't get me wrong, I love using generative AI daily for research and writing. This is about how other users could be using it when they don't know what they don't know and ...

Apr 10, 2025 3:04:15 PM By Stu Sjouwerman

64% of Australian Organizations Hit by Ransomware Were Forced to Halt Operations

Illumio’s recent Global Cost of Ransomware Study found that 64% of Australian companies hit by ransomware had to shut down operations as a result.

Apr 10, 2025 3:03:48 PM By Perry Carpenter

Seeing (and Hearing) Isn’t Believing: My SEC Presentation on AI-Driven Scams

On March 6, I had the opportunity to speak and provide testimony at the SEC Investor Advisory Committee’s panel on Retail Investor Fraud in America—a critical discussion about how AI is ...

Apr 10, 2025 10:13:28 AM By Stu Sjouwerman

Securing Employee Identities: Expert Tips for Identity Management Day 2025

With this week being Identity Management Day on April 8th, it's the perfect reminder for organizations to focus on protecting their employees' digital identities.

Apr 10, 2025 10:13:12 AM By Stu Sjouwerman

Russian Threat Actor Launches Spear-Phishing Campaign Against Ukrainians

The Russian threat actor Gamaredon is targeting Ukrainians with spear-phishing documents related to troop movements, according to researchers at Cisco Talos.

Apr 9, 2025 9:10:47 AM By Stu Sjouwerman

[HEADS UP] North Korea Expands Its Fraudulent IT Worker Operations

North Korea’s fraudulent employment operations have expanded to hit countries around the world, with a particular focus on Europe, according to researchers at Google’s Threat Intelligence ...

Apr 9, 2025 9:09:57 AM By James Dyer

The Real Deal: How Cybercriminals Exploit Legitimate Domains

When it comes to secure email gateways (SEGs), the narrative is quite simple. For years, organizations have relied on SEGs as the foundation of their email security.

Apr 8, 2025 9:00:00 AM By Stu Sjouwerman

CyberheistNews Vol 15 #14 [Heads Up] QR Code Phishing is Getting More Stealthy Fast

Apr 7, 2025 10:20:24 AM By Stu Sjouwerman

Your KnowBe4 Compliance Plus Fresh Content Updates from March 2025

Check out the March updates in Compliance Plus so you can stay on top of featured compliance training content.

Apr 7, 2025 10:19:19 AM By Stu Sjouwerman

Upgraded Phishing-as-a-Service Platform Drives a Wave of Smishing Attacks

A phishing-as-a-service (PhaaS) platform dubbed ‘Lucid’ is driving a surge in SMS phishing (smishing) attacks, according to researchers at Prodaft.

Apr 7, 2025 10:18:53 AM By Stu Sjouwerman

Online Gaming Platform Steam Tops List of Most Imitated Brands For the First Time

Steam was the most impersonated brand in phishing attacks during the first quarter of 2025, according to a new report from Guardio. The researchers note that the gaming platform’s surge ...

Apr 4, 2025 10:16:15 AM By Stu Sjouwerman

Your KnowBe4 Fresh Content Updates from March 2025

Check out the 58 new pieces of training content added in March, alongside the always fresh content update highlights, new features and events.

Apr 3, 2025 1:19:14 PM By Stu Sjouwerman

Phishing Attacks Lead to Theft in the Shipping Industry

Phishing attacks are driving a surge in “double brokering” scams in the shipping industry, according to Christian Reilly, Cloudflare’s Field CTO for EMEA.

Apr 3, 2025 1:18:58 PM By Stu Sjouwerman

[Heads Up] QR Code Phishing is Getting More Stealthy Fast

Attackers are using new tactics in QR code phishing (quishing) attacks, according to researchers at Palo Alto Networks’ Unit 42.

Subscribe

Search Our Blog


New call-to-action

Subscribe To Our Blog

Posts By Topic

View all

Get the latest insights, trends and security news. Subscribe to CyberheistNews.