Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

The Next Evolution in Cyberattacks You Need to Worry About: AI

New testimony to U.S. Senate Armed Services Committee Subcommittee on Cybersecurity by Microsoft’s Chief Scientific Officer sheds light on AI-powered cyberattacks.
Continue Reading

Less Than 40% of Asia-Pacific Organizations Are Confident to Stop Cyber Threats as 83% Experience At Least One Ransomware Attack a Year

With exactly half of cybersecurity incidents caused by organizations having an outdated security posture, the ability to stop breaches involves some re-investment in measures that really ...
Continue Reading

Anna Collard, SVP Content Strategy & Evangelist, KnowBe4 Africa Has Been Acknowledged as a Global Influencer in Cyber

IFSEC Global recently acknowledged our very own Anna Collard as a IFSEC Global Influencer in Security for 2022! She was one of the few nominated by a panel of highly respected judges, and ...
Continue Reading

A Closer Look at HR Scams: Does Niceness Have a Downside?

Threat actors are targeting HR employees who are looking to hire new people, according to Lisa Vaas at Contrast Security. As part of their job, HR employees frequently interact with ...
Continue Reading

Spear Phishing Campaign Targets Former Israeli Officials

An Iranian threat actor is conducting a spear phishing operation against Israeli officials, according to researchers at Check Point. The targets have included the former Foreign Minister ...
Continue Reading

Monkeypox Scams Continue to Increase

Attackers are taking advantage of the current news about monkeypox to trick people into clicking on malicious links, Pickr reports. Researchers at Mimecast have spotted a phishing ...
Continue Reading

Facebook Phishing Scam Steals Millions of Credentials

Researchers at PIXM have uncovered a major Facebook Messenger phishing scam that’s “potentially impacted hundreds of millions of Facebook users.” More than eight million people have ...
Continue Reading

Approaching Ransomware Victims Privately

Researchers at KELA warn that ransomware gangs are increasingly refraining from mentioning their victims’ names after the initial attack, giving the victims a chance to pay up before the ...
Continue Reading

What About Password Manager Risks?

In KnowBe4’s new Password Policy ebook, What Your Password Policy Should Be, we recommend that all users use a password manager to create and use perfectly random passwords. A perfectly ...
Continue Reading

Karakurt Adds Irritating Phone Calls to its Crimes

The US Cybersecurity and Infrastructure Security Agency (CISA) and its partners have issued a joint alert on Karakurt, a data theft extortion group that harasses victims’ employees, ...
Continue Reading

40% of CSOs say Their Organization is Not Prepared for Cyberattacks as Phishing is the Top Likely Cause of Breaches

A new survey of executives sheds light on how well organizations fared with cyberattacks in the last 12 month as well as what attack vectors are going to increase future breaches.
Continue Reading

Old Dog, New Trick: Hackers Use Logons in URLs to Bypass Email Scanners

A new phishing method uses a decades-old special URL format to take advantage of how security solutions and email clients interpret URLs, tricking victims into clicking.
Continue Reading

“Five Eyes” Nations Cybersecurity Authorities Issue Warning to MSPs of Stepped-Up Cyberattacks

The world’s five leading cybersecurity authorities have again issued a joint report about an increase in malicious cyber activity targeting managed service providers they expect to ...
Continue Reading

The Good, the Bad, and the Necessary State of Cyber Insurance

New data from security vendor Sophos shows that while the presence of cyber insurance coverage has increased, it’s the experiencing of attacks that’s driving the need.
Continue Reading

Phishing Attacks Reach an All-Time High, More Than Tripling Attacks in Early 2022

Reaching more than 1 million attacks in a single quarter for the first time, new data on phishing attacks in Q1 of 2022 show an emphasis on impersonation and credential theft.
Continue Reading

FTC Warns that Scammers are Turning to Cryptocurrencies

The US Federal Trade Commission (FTC) has warned that people have reported losing over $1 billion in crypto to scams since the beginning of 2021. The vast majority of these losses were ...
Continue Reading

What is a Security Tech Stack?

What is a security tech stack? This is a bare-bones quick overview. 
Continue Reading

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews