Weaponized IQY Files Make Excel Users an Easy Target

Sep 10, 2018 2:05:09 PM By Stu Sjouwerman

The Necurs botnet – most notably responsible for distributing Locky – is now pushing weaponized internet or web query (.IQY) file to evade detection and download malware.

Only 40% of Business Phishing Scams Contain Links

Sep 10, 2018 2:01:43 PM By Stu Sjouwerman

This latest statistic takes the spotlight off of antivirus as the protector, and puts the focus squarely in the hands of your users to stop attacks.

When Russian InfoSec White Hats Go Black

Sep 10, 2018 1:50:29 PM By Stu Sjouwerman

This latest story about one specific cybercriminal group shows how even the most trusted of white-hats can give in to the lure of financial profit, following Evgeniy Bogachev who retired ...

The Fundamental Importance of Choice and Variety in Security Awareness Program Content

Sep 10, 2018 7:07:13 AM By Perry Carpenter

By Perry Carpenter, KnowBe4 Chief Evangelist and Strategy Officer. I’m a bit of an oddball when it comes to the security awareness market in that I’ve seen it from virtually every ...

You're Invited To Participate In The Inaugural 2018 Security Awareness Training Deployment Trends and Usage Survey.

Sep 8, 2018 10:08:15 AM By Stu Sjouwerman

KnowBe4 is running its Inaugural 2018 Security Awareness Training Deployment Trends and Usage Survey.

Finally, KnowBe4 Was Spoofed By Bad Guys. Expected That For Years.

Sep 8, 2018 8:51:19 AM By Stu Sjouwerman

When you become the worldwide No.1 player in your field with tens of thousands of organizations using your platform, you get on people's radar. Both the good guys and the bad apples.

Size Still Doesn’t Matter Especially When It Comes To CEO Fraud

Sep 6, 2018 3:17:42 PM By Stu Sjouwerman

Lloyds Bank says that Business Email Compromise (BEC)—also known as CEO Fraud—rose by 58% in the UK over the past year. While BEC is often associated by the media with large firms, ...

Campaign Email Security "as Bad as 2016"

Sep 5, 2018 4:29:18 PM By Stu Sjouwerman

The founder of Tech Solidarity, a not-for-profit interested in helping the campaigns of progressive Democrats, has been talking to those campaigns about their email security. He's found ...

Is Your Incident Response to Cyber Attacks Useless?

Sep 5, 2018 9:54:11 AM By Stu Sjouwerman

A new report from Carbon Black sheds some light on exactly what cybercriminals are doing, and why traditional incident response is unprepared at best.

Advanced Malware Targets the Telecom Sector And Bypasses Antivirus

Sep 4, 2018 5:32:47 PM By Stu Sjouwerman

The telecommunication service industry is experiencing more advanced malware threats than any other industry group. Researchers at Lastline discovered that ninety percent of malware ...

NY Cyber Law Hits 3rd Deadline: Toughest Yet to Come, How To Get And Stay Compliant?

Sep 4, 2018 3:41:09 PM By Stu Sjouwerman

Craig A. Newman, partner at Patterson Belknap wrote: "By today, financial institutions are required to meet their next deadline for compliance with New York’s cybersecurity law. The ...

Well-Known Cybercrime Group Continues Attacks on Banks

Sep 4, 2018 3:07:11 PM By Stu Sjouwerman

The notorious criminal group Cobalt—aka Carnanak—impersonates vendors or partners to gain access to bank networks, with each successful attack taking in as much as €10 Million.

Email Impersonation aka CEO Fraud Remains on the Rise

Sep 4, 2018 2:26:41 PM By Stu Sjouwerman

With an average of 1 in 6 users receiving email-based impersonation attacks, it spells bad news for organizations.

Vigilance, Passcodes, and PINs the Best Defense Against SIM Swaps

Sep 4, 2018 2:02:20 PM By Stu Sjouwerman

Attackers are using SIM swaps to take advantage of SMS-based verification. A recent string of Instagram takeovers, a crypto currency scam costing an investor over $23 million in tokens, ...

CyberheistNews Vol 8 #35 New Evil PDFs Infect Machines With a Secret Backdoor and Exfiltrate Your Data Via Email

Sep 4, 2018 9:47:30 AM By Stu Sjouwerman

Customer Reports: "GSuite Makes Phishing Training Unnecessarily Hard..."

Sep 2, 2018 1:19:37 PM By Stu Sjouwerman

Customers report to KnowBe4 that they have issues with gmail and their security awareness training program.

$1,170 Is How Much You're Worth On The Dark Web:

Sep 2, 2018 12:35:18 PM By Stu Sjouwerman

The Benzinga site had a good short summary of the current price lists for stolen data on the dark web. "According to the Dark Web Market Price Index released by the independent VPN review ...

Come See Me Speak At The Wall Street Journal Small Business Academy October 16th

Sep 1, 2018 11:18:01 AM By Stu Sjouwerman

Join me at the Wall Street Journal Pro’s Small Business Academy event to equip your business with the skills to manage the mounting risks of cybercrime. They are promoting this event ...

Mobile Phishing Campaign: Homograph Characters + "Free Flights"

Aug 31, 2018 3:27:11 PM By Stu Sjouwerman

Kacy Zurkus at the InfoSec group had the scoop on a campaign recently reported by Farsight Security involving an internationalized domain name (IDN) "homograph-based" phishing website ...

Healthcare Organizations are Unprepared Without Cybersecurity Insurance!

Aug 31, 2018 2:22:45 PM By Stu Sjouwerman

With the Healthcare industry as a primary target by cybercriminals, analytics firm FICO’s latest findings indicate Healthcare is simply not ready for the aftermath of a cyberattack.

Security Awareness Training Blog

View Topics