KnowBe4

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Scammers Impersonate Big UK Law

The UK’s Solicitors Regulation Authority (SRA) warned that scammers are impersonating a London law firm, Linklaters LLP, using phony job offers. The documents purport to come from the ...
Continue Reading

Over 80% of All Phishing Attacks Targeted U.S. Organizations

  U.S. entities remained the most attractive targets of phishing attacks throughout 2018, with an estimated 84% of the total volume of millions of incidents analyzed during the last year ...
Continue Reading

County Line Ransomware Fever

A ransomware attack against Genesee County, Michigan, was more extensive than county officials originally thought, SC Magazine says. The county’s systems were hit by the malware on ...
Continue Reading

Smishing Down Under

Banking malware is being installed on Android devices via malicious links in SMS messages, CRN reports. Cisco Talos discovered the malware being advertised on an exploit forum, and found ...
Continue Reading

Ransomware Attack Hits Stratford City Hall

Stratford city hall was the target of an apparent cyber-attack, but officials do not believe personal information was compromised.
Continue Reading

I need your input and I've got a ONE-Question Super Short Survey!

I need your input and I've got a ONE-Question Super Short Survey!  Are you lacking a (free) tool that gives you more insight about social engineering risks that your users are exposed to? ...
Continue Reading

Phishing Attack Spoofs Email Security Firm

Ray Shultz at MediaPost's EmailINSIDER wrote about a nasty new way that the bad guys are trying to establish trust: spoofing the return path and received email headers of Barracuda in an ...
Continue Reading

How And Why KnowBe4 Got An 800+ Million Valuation

I found a great article by Rey Mashayekhi at Fortune Magazine where Rey interviews KnowBe4 investor KKR Managing Director Vincent Letteri:
Continue Reading

[SCAM OF THE WEEK]: Notre Dame Disaster Causes FireStorm Of Social Engineering And Misinformation

The Notre Dame Cathedral in Paris caught fire and was barely saved from total destruction. Millions of people visit every year and hundreds of millions feel a powerful, and personal, ...
Continue Reading

Island Hopping Grows in Popularity as Attackers use One Victim to Create the Next

  Cybercriminals no longer see your organization as just their next target; they see the organization as a valuable source of intel and the launch point for their next attack. In business ...
Continue Reading

Insurers Discuss What to Expect from a Ransomware Attack, and How to Defend Yourself Against One

Ransomware tops the list of attacks for insurers of the food and beverage industry. Outdated software and lax user concern for security controls provide attacker with a way in.
Continue Reading

Staff and Students Put School Districts at the Greatest Risk of Cyber Attack

Inadvertent sharing, phishing attacks, and ransomware top the list of attack vectors, with teachers, students, and vendors all contributing to the risk of breach.
Continue Reading

Spycatching: Social Engineering and the FBI's Insider Threat Experience

We’ve recently shared a link to a podcast, “The Ghost and the Mole,” which revisits the infamous case of FBI Special Agent turned Russian spy Robert Hanssen. Before dismissing this as ...
Continue Reading

Extortionists Threaten Victims with WannaCry Ransomware

An email extortion scam is threatening victims with DDoS attacks and WannaCry ransomware, according to researchers at Avast. The scammers claim to have hacked the victim’s network and ...
Continue Reading

[PODCAST] The ghost and the mole; Eric O'Neill's Gray Day.

  Eric O’Neill is a former FBI counterintelligence and counterterrorism operative, and founder of the Georgetown Group, a security and investigative firm, as well as national security ...
Continue Reading

Reuters: "Cybersecurity Firm Cofense Says Pamplona To Sell Stake After U.S. Probe"

(Reuters) - U.S. cybersecurity firm Cofense Inc said on Wednesday that buyout firm Pamplona Capital Management is seeking to sell its stake in the company following a year-long probe by ...
Continue Reading

What's The Best Name? ThreadJacking or Man-in-the-Inbox Attacks?

We are seeing a new type of attack popping up more and more. Bad guys send a phishing attack and steal the credentials of your employee. But they stay under the radar and lurk for a while ...
Continue Reading

Get Ready for the First Wave of AI Malware

This is an excerpt from an article in SecurityWeek by Gunter Ollmann, who is currently the CSO of Microsoft’s Cloud and AI Security division. He is a seasoned information security leader.
Continue Reading

Ottawa City Treasurer sends $128,000 to fraudsters in email phishing scam

The treasurer of the city of Ottawa, Marian Simulik, fell for a business email compromise (BEC) scam and sent $100,000 to a scammer, the city’s auditor general revealed this week. Simulik ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews