KnowBe4

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.

KnowBe4’s Year-Over-Year Sales Nearly Double for Q3 2018

I'm excited to announce our incredible year-over-year sales increase, nearly doubling 2017's third quarter sales in this third quarter of 2018, breaking records with new corporate ...
Continue Reading

Retail is Unprepared for Social Engineering

The latest data from SecurityScorecard shows the retail industry’s security stance is at an all-time low, and is particularly susceptible to social engineering attacks. The retail ...
Continue Reading

Bleeding Edge Phishing Attack Uses Decoy PDF with Microsoft-issued SSL Cert

TL,DR: A recent phishing attack posing as a PDF decoy from a Denver law firm was stealing clients' Office 365 credentials. The phishing bait was hosted in Azure blob storage and contained ...
Continue Reading

Hackers: Social Engineering is Easier

Despite the presence of application and OS vulnerabilities – both new and old – hackers prefer to leverage social engineering as their preferred attack method.
Continue Reading

Worry About Phishing, Not Malware!

With so many security strategies revolving around the detection of malware, organizations forget the primary source of all their worries – phishing.
Continue Reading

[Heads-up] Now In The Wild: New Super Evil Rootkit Survives Even "Nuke From Orbit" And HD Swap

This thing is a nightmare that escaped into daylight. The Russian GRU—aka Fancy Bear—probably was riveted reading the Wikileaks CIA Vault 7 UEFI Rootkit docs (PDF) and built one of these ...
Continue Reading

Kevin Mitnick weighs in on Facebook's big security breach

It was all over the news, and CNBC interviewed KnowBe4's very own Chief Hacking Officer Kevin Mitnick (note the StreetCred box on the right).
Continue Reading

[InfoGraphic] 20 Ways to Block Mobile Attacks

To start your National Cyber Security Awareness Month (NCSAM) here is a goodie for your users to kick things off.
Continue Reading

Targeted Attacks Replace Spam Campaigns

Spam campaigns are all but dead. But lucrative targeted low-risk, high-yield cyber-attacks have risen to take their place, according to the European Union law enforcement agency Europol.
Continue Reading

The Cybercrime Economy Makes It Impossible to Stop

The operation run by botnet author Peter Levashov demonstrates how easy it is for would-be criminals to get into the business.
Continue Reading

The Human Element is Essential to Safe Social Networking

This is common wisdom, but it bears repeating, because common wisdom is easily overlooked. People are often called an organization's greatest asset. They're also its greatest ...
Continue Reading

Holiday Threat No. 1: Evil Twin Domains With A "Trusted" SSL/TSL Certificate

As the holiday season approaches, cybercriminals are set to scam your users out of their personal money but also your organizational budget.
Continue Reading

Brand-New Tool: Domain Doppelgänger Identifies Evil Twin Domains

I gave you a heads-up a few days ago, and now I'm excited to announce the actual release of a new tool to help protect your organization from the bad guys.
Continue Reading

The Lowly USB Drive Remains A Critical Cyberthreat

Curtin Franklin at Darkreading correctly observed: "USB thumb drives may be used less frequently than before, but they are still commonly used as infection vectors for a wide variety of ...
Continue Reading

Phone Scam Impersonates Sheriff’s Office Using Judge’s Name

The US Marshals Service has stated that a new phone scam is targeting residents of Marshall, Texas. The scammer claims to be from the local sheriff’s office and tells residents that the ...
Continue Reading

Ewww. Password managers can be tricked into believing that malicious Android apps are legitimate

Ewww. Something else to watch out for. Will it ever stop?. Ummm, no.
Continue Reading

Highly Targeted Email Attacks Are on the Rise!

New data shows a surge in attacks, what industries are targets, which users are at risk, and what you can expect to see in the future.
Continue Reading

As Predicted, Hurricane Florence Phishing Scams are Circulating

We’ve noted in other posts that events like natural disasters are inevitably used as phishbait by scammers. The Atlantic hurricane season, which breeds storms like the recent and very ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews