Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

"Delete" Notification as Office 365 Phishbait

Attackers are posing as Office 365 support in phishing emails that warn users about an “unusual volume of file deletion” on their accounts, BleepingComputer has found. The emails claim ...
Continue Reading

A Case of Password Spraying

Citrix last month confirmed the FBI’s suspicions that hackers had used a technique known as “password spraying” to compromise the company’s networks before stealing a massive amount of ...
Continue Reading

Impersonation Phishing Attacks Up 67% in Last 12 Months

Social engineering attacks using impersonation tactics increased by 67% over the past twelve months, according to Mimecast’s annual State of Email Security report. Mimecast surveyed more ...
Continue Reading

KnowBe4 Is UK's Security Training And Consultancy Provider Of The Year

We're extremely pleased to have won UK's prestigious Network Computing Security Training And Consultancy Provider Of The Year.
Continue Reading

Why KnowBe4 Is The Only True Global Security Awareness Training Vendor

Security awareness, by its very nature, relies on communication. And that communication, in turn, relies on clarity so that it can be fully understood and applied by the learner. To be ...
Continue Reading

Red Flags Warn of Social Engineering

The easiest way to avoid falling for scams and other social engineering attacks is to have an understanding of the tactics employed by attackers, according to Roger A. Grimes, writing in ...
Continue Reading

Phishing Canadian Targets

We have recently blogged about KrebsOnSecurity's story on compromised Canadian business email addresses. Here is some updated background on threats to Canadian organizations.
Continue Reading

A Single Tweet Saw One Woman's Bank Account Entirely Wiped Out

Dean Dunham at The Mirror in the UK reported: "Social media is often disgruntled customers first port of call when they want to make a complaint about goods or services these days, but ...
Continue Reading

Phishing Sites Increase by 30% in the First Quarter of 2019 Putting SaaS and Webmail at Risk

Cybercriminals seem to be increasing their efforts in quantity, frequency, and obfuscation, according to the latest data from the international cybercrime coalition, the Anti-Phishing ...
Continue Reading

Beazley Insurance Breach Insights: "Ransomware Attacks Skyrocket"

Ransomware attacks skyrocketed in the first quarter of 2019, according to the Beazley Breach Response (BBR) Services team, which reports a 105% increase in the number of ransomware attack ...
Continue Reading

“Monster” Data Breaches Result in an Average Cost of $347 Million

Data breaches in the hundreds of millions of records have made the news over the last two years. The latest report from Bitglass covers the results and repercussions of the breaches.
Continue Reading

Over 10 Million People Hit In Single Australian Data Breach

The Office of the Australian Information Commissioner's (OAIC) quarterly data breach report also revealed private health was again the country's most affected sector.
Continue Reading

UK Says It Warned 16 Nato Allies Of Russian Hacking Activities

The UK has shared information on Russian hacking attacks with 16 NATO allies over the last 18 months, a British government official said today. "I can disclose that in the last 18 months, ...
Continue Reading

72 Percent Of Cyber Security Professionals Have Considered Quitting Over Lack Of Resources

Ian Barker at Betanews commented on something astounding.
Continue Reading

[Heads-up] Scary Phishing Attack Uses Legal Threats From Law Firm

Brian Krebs just posted the following alert: "Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the ...
Continue Reading

Employees Don’t Take USB Security Seriously, Putting Organizations at Risk

USB devices continue to be a necessity for employees, an entry point for attackers, and an insecure medium to connect the two, spelling trouble for organizations.
Continue Reading

U.S. Department of Homeland Security Issues List of Office 365 Security Vulnerabilities and Best Practices

The latest Analysis Report covers both areas of concern around Office 365 configurations that impact security, and offers up some simple recommendations to shore up vulnerabilities.
Continue Reading

Tell us about your biggest security threats for a chance to win a $100 Amazon Gift Card!

  Once a year, KnowBe4 runs its  Security Threats and Trends Survey. We’re polling IT and Security executives, administrators and professionals like yourself on what technology and ...
Continue Reading

Q1 2019 Top-Clicked Phishing Email Subjects from KnowBe4 [INFOGRAPHIC]

Every quarter, KnowBe4 reports on the top-clicked phishing emails by subject lines in three categories: Social, General, and 'In the Wild'. The latter category results come from ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews