Vendor Email Compromise Attacks Use the Same Playbook for Multiple Attacks

Aug 7, 2023 7:39:10 AM By Stu Sjouwerman

Seeking very large paydays, Vendor Email Compromise (VEC) threat actors are finding out what works and repurposing their content and processes to increase chances of seeing a massive ...

Phishing Attacks Continue to Use Attachments as HTML Files Containing Java Dominate

Aug 7, 2023 7:39:05 AM By Stu Sjouwerman

As traditional phishing attack attachment types like Office documents dwindle in use, threat actors look for new effective ways to use email as a delivery medium to launch an attack.

[New Product] Supercharge Your Anti-Phishing Defense with KnowBe4’s PhishER Plus!

Aug 7, 2023 7:00:00 AM By Stu Sjouwerman

Staying one step ahead of cybercriminals is absolutely vital in today’s threat landscape. That's why we're thrilled to introduce PhishER Plus, a revolutionary product from KnowBe4 that ...

WIRED: "This Disinformation Is Just For You."

Aug 6, 2023 11:06:47 AM By Stu Sjouwerman

WIRED just came out with an article that spells out the coming tsunami of highly targeted disinformation. here is a short summary and the article is highly recommended:

New AI Bot FraudGPT Hits the Dark Web to Aid Advanced Cybercriminals

Aug 6, 2023 10:59:01 AM By Stu Sjouwerman

Assisting with the creation of spear phishing emails, cracking tools and verifying stolen credit cards, the existence of FraudGPT will only accelerate the frequency and efficiency of ...

Russian Hackers Breached Government Agencies' MFA Using Microsoft Teams: Is Your Business Next?

Aug 6, 2023 10:22:10 AM By Stu Sjouwerman

Microsoft's recent blog post raised eyebrows through the cybersecurity community. State-backed hackers linked to Russia, known as APT29 or Cozy Bear, have executed “highly targeted” ...

Boarding Pass Selfies and Cybersecurity Don't Mix

Aug 4, 2023 9:14:42 AM By Stu Sjouwerman

There is no such thing as a vacation for cybercriminals. We recently released our top summer cybersecurity travel tips to help keep you safe. Earlier this year, we posted about ...

Advanced Phishing Campaign Exploits 3rd Parties

Aug 3, 2023 10:27:09 AM By Stu Sjouwerman

Researchers at BlueVoyant warn that attackers are increasingly adding an extra step to their phishing campaigns, impersonating third-parties to lend credibility to the scams.

[On-Demand Webinar] The Dark Side of AI: Unmasking its Threats and Navigating the Shadows of Cybersecurity in the Digital Age

Aug 3, 2023 8:00:00 AM By Stu Sjouwerman

Artificial Intelligence (AI) has come roaring to the forefront of today’s technology landscape. It has revolutionized industries and will modernize careers, bringing numerous benefits and ...

The Urgent Need For Cyber Resilience in Healthcare

Aug 2, 2023 2:46:03 PM By Martin Kraemer

A US hospital closed two years after a ransomware incident, highlighting that the health sector continues to be under threat.

KnowBe4 Chooses Drata as Our Exclusive GRC Partner

Aug 2, 2023 10:50:02 AM By Stu Sjouwerman

Drata is KnowBe4’s preferred compliance automation platform for KnowBe4 customers.

Bad Actor Uses Fake Android Chat to Install Malware

Aug 2, 2023 8:52:08 AM By Stu Sjouwerman

Researchers at CYFIRMA warn that the Bahamut threat actor is using a malicious Android app to deliver malware.

A Long-Running Credential Phishing Expedition

Aug 1, 2023 9:02:44 AM By Stu Sjouwerman

Researchers at Akamai describe a credential phishing campaign that’s been running since at least March 2022. Due to the volume of traffic to the phishing sites, the researchers estimate ...

CyberheistNews Vol 13 #31 [Beware of the Barbie Scams] What You Need to Know After the Recent Movie Release

Aug 1, 2023 9:00:00 AM By Stu Sjouwerman

Amazon Sends Email to Customers on Common Scam Tactics

Jul 31, 2023 11:00:43 AM By Stu Sjouwerman

We've reported on several Amazon scams, but for once, there is positive news. Amazon sent an email Thursday morning highlighting the top scams your users should watch out for:

CISA Discovers Spear Phishing and Valid Account Compromise Are the Most Common Attack Vectors

Jul 31, 2023 11:00:38 AM By Stu Sjouwerman

The US Cybersecurity and Infrastructure Security Agency (CISA) has found that compromise of valid accounts and spear phishing attacks were the two most common vectors of initial access in ...

Heads Up: Google Inactive Account Deletion Notifications

Jul 31, 2023 8:17:51 AM By Stu Sjouwerman

Google announced an update to their inactive account policies in May. Accounts that have been inactive for a period of two years or more will start being deleted in December 2023, at the ...

Researchers uncover surprising method to hack the guardrails of LLMs

Jul 29, 2023 9:12:49 AM By Stu Sjouwerman

Researchers from Carnegie Mellon University and the Center for A.I. Safety have discovered a new prompt injection method to override the guardrails of large language models (LLMs). These ...

Your KnowBe4 Fresh Content Updates from July 2023

Jul 28, 2023 8:00:00 AM By Stu Sjouwerman

Check out the 28 new pieces of training content added in July, alongside the always fresh content update highlights, events and new features.

SEC Implements New Rule Requiring Firms to Disclose Cybersecurity Breaches in 4 Days

Jul 28, 2023 6:57:47 AM By Stu Sjouwerman

What happened? The SEC (Securities and Exchange Commission) has introduced new rules that require public companies to be more transparent about their cybersecurity risks and any breaches ...

Security Awareness Training Blog

View Topics