KnowBe4 Blog

Yet Another Disk Image File Format Spotted in the Wild Used to Deliver Malware

Disguised as an invoice, cybercriminals use a Windows-supported disk image to obfuscate malware from email gateways and security scanners. The question is how viable will it be?

35% of Cybersecurity Incidents are Business Email Compromise (BEC) Phishing Attacks

With cybercriminals looking for the fastest means to get from attack to a big payout, BEC attacks are shifting tactics to adjust to organizations being better prepared.

[Eye Opener] The Biggest Bitcoin Heist Ever: A Whopping 3.6 Billion Dollars!

I'm not sure why this is not all over the press. Bloomberg picked up on this though. A pair of South African brothers have vanished, along with Bitcoin worth $3.6 billion from their ...

CyberheistNews Vol 11 #25 [Heads Up] Attackers Abuse Your Google Docs With a New Phishing Angle

New Phishing Attack Adds a Call Center Step to Get You to Download Malware

Unlike traditional phishing emails that simply attach or link to a malicious file, a new scam from cybercriminal group BazaCall makes victims call in and be instructed to download the ...

Cybersecurity and Business Priorities Don’t Appear to Be Aligning – and That’s Bad for Your Security Stance

Despite organizational leadership believing cyber security initiatives can support business goals, the way businesses approach cybersecurity seems to prove otherwise.

An Unusual Attachment is Most Likely a Phishing Campaign

A phishing campaign is using Windows Imaging Format (WIM) files to deliver malware, according to researchers at Trustwave. WIM files aren’t commonly thought of as potentially malicious, ...

Misconfigured Cloud Database Increases Risk of Social Engineering

DreamHost, a major website hosting provider, exposed 814 million user account records in an unsecured database, researchers at Website Planet have found. The data exposed included a ...

[HEADS UP] Over 400% Increase in Ransomware Victims

According to a recent report by OODA Loop, "Mandiant claims to have detected a 422% increase in victim organizations announced by ransomware groups via their leak sites year-on-year ...

Threat Actors use Google Ads to Target People Migrating to Encrypted Messaging Services like Signal and Telegram

Researchers at eSentire warn that threat actors have been using Google Ads to target people migrating from WhatsApp to other encrypted messaging services, particularly Signal and Telegram.