Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Increase in Office 365 Attacks and Data Breaches Should Be Expected as We Approach the 2019 Tax Season

Jan 16, 2019 10:20:47 AM By Stu Sjouwerman
Experts warn of uptick in phishing attacks against businesses leveraging Office 365 as the tax season begins, tensions run high, and opportunities to trick off-guard users will be plenty.
Continue Reading

[THIS IS NOT A DRILL] KB4 Training Template Used As Phishing In The Wild

Jan 15, 2019 3:20:43 PM By Stu Sjouwerman
It's a known fact that once your market share is big enough, the bad guys are going after you. Used to be that viruses and malware were only developed for Windows, but when Apple got to ...
Continue Reading

Brand-New Tool: Password Exposure Test Identifies Risky Users

Jan 15, 2019 9:29:06 AM By Stu Sjouwerman
Cybercriminals are constantly coming out with new ways to hack into your network and steal your organization’s confidential information. According to the 2018 Verizon Data Breach Report, ...
Continue Reading

CyberheistNews Vol 9 #3 Your Boss NEEDS to Read This WSJ Article About Our Power Grid and How the Russians Hacked it With Phishing

Jan 15, 2019 9:09:57 AM By Stu Sjouwerman
Continue Reading

Awareness Training is the Key to a Culture of Security

Jan 14, 2019 3:47:52 PM By Stu Sjouwerman
Here’s a follow-up to an earlier post of ours, with amplification of points well-worth making.
Continue Reading

Scam Of The Week: "When Users Add Their Names to a Wall of Shame"

Jan 14, 2019 10:00:00 AM By Stu Sjouwerman
Eric Howes, KnowBe4 Principal Lab Researcher, found out about another insidious bad guy trick: "If you work in IT there has undoubtedly come a dark moment when you wondered to yourself ...
Continue Reading

Your Boss NEEDS To Read This WSJ Article About Our Power Grid And How The Russians Hacked It With Phishing

Jan 13, 2019 9:20:19 AM By Stu Sjouwerman
In a Jan 10, 2019 article, the Wall Street Journal reconstructed the worst known hack into the USA's power grid revealing attacks on hundreds of small contractors.
Continue Reading

Email Security Gap Analysis: Survey Finds Phishing Is The No. 1 Attack That Worries IT Pros Most

Jan 12, 2019 6:34:32 PM By Stu Sjouwerman
There are a few companies that frequently report on so-called "email security gap analysis" numbers: Mimecast, Proofpoint and Cyren. They are all IT security companies that have email ...
Continue Reading

Finra punishes former Schwab broker for lying about role in $800,000 CEO Fraud scam

Jan 12, 2019 10:26:19 AM By Stu Sjouwerman
A former broker for Charles Schwab & Co.was fined $5,000 and suspended for 90 days by Finra for lying to Schwab about a CEO Fraud attack in which he wired nearly $800,000 to someone ...
Continue Reading

New Data Suggests that Negligent Employees May Be the Reason Data Breaches are So Successful

Jan 11, 2019 5:05:26 PM By Stu Sjouwerman
When it comes to root causes of data breaches, it’s not your firewall, your endpoint protection, your antivirus, nor your patching that’s failing you; it’s your employees.
Continue Reading

Banking Cyber Heists Celebrate Their 25th Birthday!

Jan 10, 2019 4:10:30 PM By Stu Sjouwerman
2019 marks the 25th anniversary of the very first cyber-heist, netting one of the first cybercriminals $10 million from Citibank. The tactics have changed, but the target hasn’t.
Continue Reading

Lowlife Scammers exploit Sick Children in Latest Ransomware Attack

Jan 10, 2019 3:37:33 PM By Stu Sjouwerman
The outrageous attack combination of ransomware, claims to donate to charity, and even details of children’s names, diagnoses, and pictures proves there is no low cybercriminals won’t go ...
Continue Reading

The Government may be shut down, but the bad guys are not

Jan 10, 2019 2:18:49 PM By Eric Howes
By Eric Howes, KnowBe4 Principal Lab Researcher. Once again we are starting tax season, and malicious actors are spinning up phishing campaigns to exploit the myriad opportunities ...
Continue Reading

Ohio’s New Data Security Law Seeks to Minimize the Risk of Data Breach Impacting Insurers and Their Customers

Jan 9, 2019 7:09:45 AM By Stu Sjouwerman
Following in the footsteps of North Carolina, the new Ohio law looks to regulate the cybersecurity practices, reporting, and notifications of its insurance industry.
Continue Reading

It Only Takes 1 Phish: “Unremarkable” Phishing Attack Results in a Breach in the European Union’s Diplomatic Communications Network

Jan 9, 2019 7:02:51 AM By Stu Sjouwerman
A three-year-long cyber-attack led to the successful breach of the all communications between all EU member states, putting countries and their futures at risk.
Continue Reading

The Dark Overlord Ransoms 9/11 Files Showing How Law Firms Can be at Risk of Data Breach

Jan 9, 2019 6:53:16 AM By Stu Sjouwerman
The actions by the cybercriminal organization The Dark Overlord demonstrate how law firms need to take data security and cyber readiness seriously.
Continue Reading

[Heads-up] Double Trouble: Ransomware And File Thief Combined In Nasty Hybrid Malware

Jan 8, 2019 2:47:18 PM By Stu Sjouwerman
A new malware attack has been detected in the wild. This nasty combines two known pieces of malware: the Vidar data harvesting malware followed by GandCrab ransomware.
Continue Reading

CyberheistNews Vol 9 #2 "10 Incredible Ways You Can Be Hacked Through Email & How to Stop Them"

Jan 8, 2019 9:29:05 AM By Stu Sjouwerman
Continue Reading

International Legal Tech Association: "KnowBe4 Is The Biggest Winner In Awareness Content"

Jan 5, 2019 11:30:16 AM By Stu Sjouwerman
The International Legal Technology Association is the premier peer-driven association for technologists in the legal field. The ILTA's most prestigious publication each year is their ...
Continue Reading

Phishing Kit Uses Custom Font Files to Decode Text

Jan 5, 2019 10:40:48 AM By Stu Sjouwerman
Researchers at Proofpoint discovered a phishing template that uses a unique method for encoding text using web fonts. The researchers found that the source code of the landing page ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews