KnowBe4

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.

View Topics

Adwind Trojan Uses Phishing To Circumvent Antivirus And Infect Workstations

Sep 25, 2018 7:25:20 AM By Stu Sjouwerman
Charlie Osborne reported at ZDNet that Adwind, a Remote Access Trojan (RAT) previously connected to attacks against industries worldwide, is back with a new toolkit designed to trick ...
Continue Reading

I Got Vished (and So Can Your Users)

Sep 25, 2018 7:01:18 AM By Stu Sjouwerman
Written by Guest Blogger Nick Cavalancia, Microsoft MVP Hear one cybersecurity expert’s experience of missing the signs and getting duped over the phone. If it can happen to him, it can ...
Continue Reading

CyberheistNews Vol 8 #38 [FBI ALERT]: "Cybercrime Uses Social Engineering Techniques to Steal Employee Credentials and Commit Payroll Diversion."

Sep 24, 2018 10:04:08 AM By Stu Sjouwerman
Continue Reading

Reminder: In Spite of Windows Flaws, Hackers Prefer Social Engineering

Sep 24, 2018 7:13:06 AM By Stu Sjouwerman
Nearly half of hackers surveyed at the recent Black Hat conference in Las Vegas admitted easily compromising both Windows 8 and 10 in the past year.
Continue Reading

Phishing Attack On Office 365 Account Leads To 3 Million CEO Fraud

Sep 24, 2018 7:02:50 AM By Stu Sjouwerman
A phishing attack on an Office 365-account enabled a 3 Mil CEO Fraud Scam at an investment firm.  Finnish antivirus company F-Secure reported on their blog. One of the employees at the ...
Continue Reading

[Heads-up] Two Interesting Things You Want To Know About Right Away

Sep 23, 2018 12:45:17 PM By Stu Sjouwerman
This is the very first time I am giving you a heads-up about a new, complimentary tool that you really should run ASAP. It's called Domain Doppelgänger and will be released Thursday ...
Continue Reading

Looking at Cyber Attacks From the Inside Out, It’s All About Social Engineering

Sep 21, 2018 2:14:56 PM By Stu Sjouwerman
Frances Zelazny, Vice President of BioCatch, gave a recent Tech Republic interview to share some insight into how hackers can access your passwords. It's familiar but worth reviewing, ...
Continue Reading

Don’t Pay Hackers Ransom: It Only Encourages Them

Sep 20, 2018 5:08:12 PM By Stu Sjouwerman
S mall and medium business owners often a ssume they're not a likely target of cybercrime. This is a dangerous mistake for to make. Cyber attacks on smaller organizations can be ...
Continue Reading

The Need for Security Champions as Part of Your Security Culture

Sep 20, 2018 2:59:34 PM By Stu Sjouwerman
Security cultures don’t exist within organizations because IT wills them to. With the increase in attacks, organizations need internal advocates for the necessary shift in corporate ...
Continue Reading

It Only Takes One Phish to Spoil Your IPO

Sep 20, 2018 2:53:05 PM By Stu Sjouwerman
The recent data breach of pre-IPO biotech firm Guardant Health shows how much impact a single successful phishing attack can have on an organization.
Continue Reading

Microsoft Office Macros Remain Top Choice for Malware Delivery

Sep 20, 2018 11:58:07 AM By Stu Sjouwerman
Microsoft Office documents containing malicious macros accounted for 45 percent of malware loaders in August 2018, according to a blog post by Cofense. These macros were used to deliver a ...
Continue Reading

Social Engineering, Just a Call Away

Sep 19, 2018 5:38:50 PM By Stu Sjouwerman
An email arrives, and you think it’s from your boss. Because it has your boss’s name on it, there's a huge psychological response, and you tend do what is requested. After a cordial ...
Continue Reading

WSJ: "Forget Passwords. It’s Time for Passphrases."

Sep 19, 2018 9:45:21 AM By Stu Sjouwerman
Mr. Henry Williams is a deputy editor for The Wall Street Journal in New York, and he reported on something we just also recommended. Here is an excerpt with a link to the full article at ...
Continue Reading

Cryptojacking 101: A First Look at Cryptomining Attacks

Sep 18, 2018 4:26:28 PM By Stu Sjouwerman
Your organization might just be making someone else money by allowing them to mine for cryptocurrency on your computers… and not even know it.
Continue Reading

When Does Effective Persuasion Become Manipulation and Social Engineering?

Sep 18, 2018 1:43:05 PM By Stu Sjouwerman
There’s a fine but clear line between ethical and unethical persuasion, says Joe Gray, a security consultant from the “Advanced Persistent Security” blog and podcast. Gray recently ...
Continue Reading

Brand-New Ransomware Simulator Tool Now with Cryptomining Scenario

Sep 18, 2018 10:05:54 AM By Stu Sjouwerman
Bad guys are constantly coming out with new malware versions to evade detection. That’s why we’ve updated our Ransomware Simulated tool “RanSim” to include a new cryptomining scenario! ...
Continue Reading

CyberheistNews Vol 8 #37 Scam Of The Week: "The Boss Needs iTunes Gift Cards for Customers...NOW"

Sep 18, 2018 9:47:25 AM By Stu Sjouwerman
Continue Reading

The Evolution Of "Friendly Name" Spoofing During Phishing Attacks

Sep 14, 2018 5:08:05 PM By Stu Sjouwerman
Our friends at Bleepingcomputer had a great article written by Ionut Ilascu I think you will like: "While phishing continues to be the prevalent threat in malware-less email-based ...
Continue Reading

WATCH IT - Current Events Will Be Misused for Phishing...AGAIN

Sep 14, 2018 10:22:59 AM By Stu Sjouwerman
Here are the latest Current Events phishes from the KnowBe4 team over the past few days, some prompted by warnings from US-CERT.
Continue Reading

Sixth Circuit Says Policyholder's Social Engineering Loss Covered By Computer Fraud Policy

Sep 14, 2018 10:12:34 AM By Stu Sjouwerman
Note: We blogged about a very similar 2nd  Circuit case earlier this year in CyberheistNews, the first paragraph below refers to that case.
Continue Reading
Subscribe

Search Our Blog


Ransomware Hostage Rescue Manual

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews