Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

[Security Masterminds] Breaking It Down to Bits & Bytes: Analyzing Malware To Understand the Cybercriminal

In our latest episode of Security Masterminds, we have the pleasure of interviewing Roger Grimes, Data-Driven Defense Evangelist for KnowBe4, who has held various roles throughout his ...
Continue Reading

Phishing Campaign Impersonates Japanese Rail Company

Researchers at Safeguard Cyber describe a phishing campaign that’s posing as a Japanese rail ticket reservation company.
Continue Reading

2022 Report Confirms Business-Related Phishing Emails Trend [INFOGRAPHIC]

KnowBe4's latest reports on top-clicked phishing email subjects have been released for 2022 and Q4 2022. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects ...
Continue Reading

New QR Code Phishing Campaign is Impersonating the Chinese Ministry of Finance

Researchers at Fortinet warn that a phishing campaign is impersonating the Chinese Ministry of Finance. The phishing emails contain a document with a QR code that leads to a ...
Continue Reading

Cybercrime The World’s Third Largest Economy After the U.S. and China

Cybersecurity Ventures released a new report that showed cybercrime is going to cost the world $8 trillion USD in 2023.
Continue Reading

Ransomware Has SMBs Reprioritizing Their Cybersecurity Spending to Combat Attacks

New data shows that SMBs can clearly see where they have cybersecurity issues and are taking great strides to put their devoted budget to security technology and services that actually ...
Continue Reading

The Current State of Cybersecurity Should Fear AI Tools Like ChatGPT

Malicious use of the text-based AI has already begun to be seen in the wild, and speculative ways attackers can use ChatGPT may spell temporary doom for cybersecurity solutions.
Continue Reading

Unusual Blank-Image Phishing Attacks Impersonate DocuSign

An unusual phishing technique has surfaced this week. Avanan, a Check Point Software company, released a blog Thursday morning detailing a new attack in which hackers hide malicious ...
Continue Reading

[Eye Popper] Ransomware Victims Refused To Pay Last Year

Finally some good news from the ransomware front!  Despite bad actors launching a number of ransomware campaigns throughout 2022, organizations refused to submit and paid criminals an ...
Continue Reading

How South Africa's Largest Law Firm Was Fined R5.5m for Not Educating Customers

Africa’s largest law firmordered to pay R5.5 million to a woman who fell victim to a hacking syndicate. When Judith Hawarden was buying a house, hackers changed the bank account number in ...
Continue Reading

Phishing For Industrial Control Systems

Mandiant has published a report describing phishing emails that have breached organizations in the industrial sector. Mandiant explains that the majority of phishing attacks are ...
Continue Reading

The Amazing Thing Is that DHL Phishing Campaigns STILL Work

Researchers at Armorblox warn that a phishing campaign is impersonating DHL with fake shipping invoices.
Continue Reading

Spear Phishing Campaign Targets Southeast Asia

Researchers at Group-IB are tracking a previously unknown threat actor dubbed “Dark Pink” that’s using spear phishing attacks to target government, military, and religious organizations. ...
Continue Reading

Cybercriminals Mimic Victim Website to Publish Exfiltrated Data on the Public Web

In a new twist, threat actors use a typo squatted domain name to increase the chances that stolen data will be seen by the general public after not being paid the ransom.
Continue Reading

Government, Higher Ed, School Districts, and Healthcare Continue to be Victims of Ransomware Attacks

An analysis of the publicly-accessible data on ransomware attacks shows that these sectors that were a primary target of ransomware in 2021 continued as targets in 2022 to the same degree.
Continue Reading

Cyberinsurer Beazley Introduces a $45M Cyber Catastrophe Bond to Offset Risk

In a move designed to protect the insurer and allow for more cyber policies to be issued, this bond is new to cyberinsurance, but not to insurers as a whole.
Continue Reading

KB4-CON 2023 Agenda is Now Available!

Exciting news! We just released our full conference agenda for KB4-CON 2023, happening April 24-26 in Orlando, Florida. We’ve brought back some of your favorite sessions and have some new ...
Continue Reading

Is Your Organization’s Password Complexity Requirement Strong Enough? Probably Not

Is your organization’s password complexity strong enough?
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews