TrickBot Malware Uses Highly Personalized Fake Sexual Harassment Complaints as Phishing Bait

Nov 12, 2019 7:00:00 AM By Stu Sjouwerman

Fake sexual harassment complaints appearing to come from the U.S. Equal Employment Opportunity Commission (EEOC) are the latest baits used by attackers to disseminate TrickBot banking ...

People Need to Work Together to Spot Con Artists

Nov 12, 2019 6:53:06 AM By Stu Sjouwerman

It might not be possible to resist a good con artist, according to award-winning author, journalist, and champion poker player Maria Konnikova. On the CyberWire’s Hacking Humans podcast, ...

Phishing Resistance for Charities

Nov 11, 2019 2:19:55 PM By Stu Sjouwerman

81% of charities say they’ve been targeted by a phishing attack this year, according to Ed Macnair, writing for UK Fundraising. Meanwhile, only 37% of charities think their IT and ...

Mac users warned that disabling all Office macros doesn’t actually disable all Office macros

Nov 11, 2019 9:57:58 AM By Stu Sjouwerman

Graham Cluley warned: "It’s been almost 25 years since macro malware first reared its head, and it would be nice to think that the defences Microsoft has built into its Office suite in ...

What if the Santa’s Elves knew better?

Nov 10, 2019 12:10:33 PM By Joanna Huisman

By Joanna Huisman, KnowBe4's new SVP Strategic Insights & Research. It’s that time of the year again when children all over the world take pause to try and figure out which side of ...

New articles and updates from the KnowBe4 Technical Content Team

Nov 9, 2019 9:36:51 AM By Stu Sjouwerman

Here are all of the major items and updates our Technical Content Engineers have added to our knowledge base and KMSAT product in the last couple of months.

Specially Crafted ZIP Files Used to Bypass Secure Email Gateways

Nov 8, 2019 7:00:00 AM By Stu Sjouwerman

Attackers are always looking for new tricks to distribute malware without them being detected by antivirus scanners and secure email gateways. This was illustrated in a new phishing ...

The Direct Deposit Phish: Revisiting the Scene of the Crime

Nov 8, 2019 7:00:00 AM By Stu Sjouwerman

By Eric Howes, KnowBe4 Principal Lab Researcher. Well over a year ago we reported on the rise of a new form of CEO fraud in which malicious actors persuaded unwitting employees working in ...

Here Is A New Term For Your Cybercrime Glossary: Vendor Email Compromise (VEC)

Nov 8, 2019 6:49:08 AM By Stu Sjouwerman

Agari’s latest Email Fraud & Identity Deception Trends report highlights the growing threat of vendor email compromise (VEC), according to SecurityWeek. This is a variety of business ...

The Most Fascinating Layer in a SOC: The Human Layer

Nov 7, 2019 8:00:00 AM By Jelle Wieringa

During my travels, the topic of security operations comes up often. And nearly every security professional I talk to is either contemplating or already implementing some form of ...

Exactly Why Is Replying to Phishing Attacks A Really Bad Idea?

Nov 7, 2019 7:00:00 AM By Stu Sjouwerman

PhishLabs warns that replying to a phishing email, even if you know it’s a scam, can lead to further attacks. Most phishing campaigns are automated and replying to them puts you on a ...

The Cold War Was Like Being Hit With A Club. Cyber War is Being Stung With A Syringe

Nov 5, 2019 3:16:53 PM By Stu Sjouwerman

America's Cold War with Russia was fought with the threat of mutually assured destruction using atomic weapons. Being hit with a nuke is very much like being whacked over the head with a ...

APWG Q3 Report: Phishing Attacks at Highest Level in Three Years

Nov 5, 2019 10:38:28 AM By Stu Sjouwerman

According to the APWG’s new Phishing Activity Trends Report, the number of phishing attacks continued to rise into the autumn of 2019. The total number of phishing sites detected by APWG ...

CyberheistNews Vol 9 #45 [Heads-Up] Scam of the Week: Phishing Attacks Using Better Benefits and Pay Raise Bait

Nov 5, 2019 9:49:31 AM By Stu Sjouwerman

Security in Three Keynotes

Nov 5, 2019 8:00:00 AM By Javvad Malik

I had the pleasure of attending (ISC)2 Congress this year in Orlando with my colleague and fellow advocate James McQuiggan.

You Need To Start Thinking Differently About This Whole "Insider Threat" Concept

Nov 5, 2019 5:40:59 AM By Stu Sjouwerman

In order to defend against insider threats, you need an accurate picture of the problem. The CyberWire’s Carole Theriault spoke to a number of industry experts about insider threats and ...

Ransomware Attack Blocks Hundreds Of Law Firms From Their Trial Records

Nov 4, 2019 2:03:25 PM By Stu Sjouwerman

I could not come up with a better scenario to get sued by a pack of angry lawyers. Reams of digital legal documents have been held hostage under a ransomware threat to TrialWorks, a ...

Healthcare Industry Names KnowBe4 As The 2019 Top Rated Platform For Cybersecurity Training & Education

Nov 4, 2019 10:22:19 AM By Stu Sjouwerman

Black Book Market Research LLC surveyed over 2,876 security professionals from 733 provider organizations to identify gaps, vulnerabilities and deficiencies that persist in keeping ...

American Nikkei Employee Falls For Social Engineering Scam And Loses 29 Million Dollars

Nov 4, 2019 7:48:46 AM By Stu Sjouwerman

Phil Muncaster at InfoSec Mag had the (painful) scoop: "Media giant Nikkei has become the latest firm to suffer a humiliating Business Email Compromise (BEC), after it admitted losing ...

A Transformational Rant: Why People Question the Value of Security Awareness

Nov 4, 2019 7:45:00 AM By Perry Carpenter

In my last post, I spent a bit of time discussing the “technology vs. training” debate; and based on the feedback received, I can tell that this is a debate that many of you have had to ...

Security Awareness Training Blog

View Topics