A Hacker’s Dream: Half of IT Admins Reuse Passwords Across Multiple Accounts

Feb 7, 2019 7:04:26 AM By Stu Sjouwerman

The most recent report from Ponemon shows how IT’s lack of password management is wildly misaligned with the organizations supposed concern for protecting data.

Social Engineering Comes to Wikipedia

Feb 6, 2019 6:55:23 AM By Stu Sjouwerman

Attackers are selectively editing Wikipedia articles to lend credibility to tech support scams, according to Rob VandenBrink at the SANS Internet Storm Center. The Wikipedia page for the ...

New Report Outlines “Bashe” Ransomware Global Infection Scenario Outcomes, including up to $193 Billion in Damages

Feb 6, 2019 6:47:13 AM By Stu Sjouwerman

With the potential for a single coordinated cyberattack aimed at holding the world hostage and putting losses on a global scale, a new report models what it would look like.

Organizations Routinely Phish Their Own Employees to Test Their Systems for Human Vulnerability

Feb 6, 2019 6:38:19 AM By Stu Sjouwerman

As compliance mandates and consumer privacy laws get tougher, businesses are taking matters into their own hands, launching internal phishing attacks to identify at-risk users.

Here is the Phish-prone percentage that a customer sent us today

Feb 5, 2019 1:54:08 PM By Stu Sjouwerman

"We’ve had great success with the KnowBe4 solution. I think the key differentiator for KnowBe4 is the integration of the simulated phishing and analytics in conjunction with the ...

Today I was attacked through an existing vendor using a real email thread

Feb 5, 2019 10:39:55 AM By Stu Sjouwerman

We have been dealing with a vendor of ours for on-hold messages for many years. I send them a Word file with the hold messages, their studio records them, and they send us a wave file ...

CyberheistNews Vol 9 #5 [Brilliant New Social Engineering Phish] "Please DocuSign: Funding for Your Business"

Feb 5, 2019 9:42:07 AM By Stu Sjouwerman

Sextortion Phishing Scam Exploits Recent Breach Fears

Feb 5, 2019 7:23:09 AM By Stu Sjouwerman

Sextortion scam emails are circulating which claim that a popular adult site has been hacked, allowing an attacker to record videos of users through their webcams, according to Lawrence ...

Voicemail Phishing Email Scams are Targeting User Passwords

Feb 5, 2019 7:15:09 AM By Stu Sjouwerman

A devilishly ingenious scam plays on your user’s familiarity with business voicemail, seeking to compromise online credentials without raising concerns.

Ransomware Attacks Cost Organizations an Average of $55K in Q4 2018

Feb 5, 2019 7:06:48 AM By Stu Sjouwerman

The latest report from ransomware response vendor Coveware shows a shift towards larger organizations, bigger ransoms, and a focus on disabling recovery.

This password-stealing phishing attack comes disguised as a fake meeting request from the boss

Feb 4, 2019 5:00:06 PM By Stu Sjouwerman

Danny Palmer at ZDNet reported: "A widespread phishing campaign is targeting executives across a number of industries with messages asking to reschedule a board meeting in an effort to ...

KnowBe4 Fresh Content & Feature Updates - January 2019

Feb 4, 2019 1:59:09 PM By Stu Sjouwerman

Here's a few important updates to share with you for the month of January!

[New Phishing Template] See The Big Game SnoozeFest Highlights In 5 Minutes

Feb 4, 2019 10:14:58 AM By Stu Sjouwerman

Here is a template that you can use to test your users and see if they will click on a Big Game related phishing attack. There are bad guys out there trying several scams to entice ...

WorldWide Threat Assessments of the US Intelligence Community: CYBER

Jan 31, 2019 12:19:22 PM By Stu Sjouwerman

Daniel R. Coats, Director of National Intelligence reported on Threats to US national security on January 29, 2019. He gave big picture, geo-politics data and had a few paragraphs ...

[Brilliant New Social Engineering Phish] "Please Docusign: Funding For Your Business"

Jan 31, 2019 7:13:19 AM By Stu Sjouwerman

A friend was sent this email and he forwarded it to me. It's a brilliant new social engineering phishing scam. It will sail through all your spam / malware filters and email protection ...

"Hacking Humans" Is The No. 1 Podcast Covering Social Engineering!

Jan 30, 2019 11:33:50 AM By Stu Sjouwerman

Each week the CyberWire’s Hacking Humans podcast looks behind the social engineering scams, phishing schemes, and criminal exploits that make headlines and take a heavy toll on ...

CyberheistNews Vol 9 #5 [INFOGRAPHIC] Q4 2018 Top-Clicked Phishing Email Subjects From KnowBe4

Jan 29, 2019 9:44:05 AM By Stu Sjouwerman

Scam Of The Week: CEO Fraud bad guys are now bribing your users

Jan 29, 2019 7:27:00 AM By Stu Sjouwerman

Today saw the arrival of yet another interesting variant of the gift card phishing campaigns that have grown into a deluge over the past few months (see below). Today's email demonstrates ...

DNS Hijacking Almost Always Starts With A Successful Spear Phishing Attack

Jan 28, 2019 4:23:59 PM By Stu Sjouwerman

On Jan. 22, 2019, the Cybersecurity and Infrastructure Security Agency (CISA), which is a part of the U.S. Department of Homeland Security (DHS), issued Emergency Directive 19-01. The ...

Social Engineering Testing: Why Getting Hacked Is a Security Advantage

Jan 28, 2019 3:42:55 PM By Stu Sjouwerman

Stephanie Carruthers, People Hacker for IBM- X-Force Red wrote an excellent post about the need for red-teaming and pentesting your own organization. I'll quote the first paragraph or so, ...

Security Awareness Training Blog

View Topics