Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Worst Phishing Scam Of The Week Yet: Cryptolocker

Why Security Awareness Training? Cryptolocker, That's Why... We here at KnowBe4 have been getting a lot of system admins calling us with the request for security awareness training ...
Continue Reading

Major Hotel Franchise Announces Data Breach

White Lodging, a company that maintains hotel franchises under nationwide brands including Hilton, Marriott, Sheraton and Westin appears to have suffered a data breach that exposed credit ...
Continue Reading

Yahoo Email Hacked

Yahoo warned yesterday that unknown attackers have attempted to access a number of Yahoo Mail accounts, and urged users to change their passwords even if they haven't been affected. Jay ...
Continue Reading

Feb 1st Is National Change Your Password Day

Continue Reading

INFOGRAPHI​C: The Illusion of Personal Data Security in E-Commerce

Dashlane’s first quarterly Personal Data Security Roundup was released recently. The roundup takes a look at password policies of the top 100 e-commerce sites, and the results are ...
Continue Reading

Do You Automate Sending SMS/Text Messages For Marketing?

My friend Chip Cooper at digicontracts sent me this, and I think it's a good heads up for all of you. There is a common misconception that text/SMS messages are subject to the same ...
Continue Reading

Scam Of The Week: Funeral Notification Phishing Attack

Another one to warn your employees about. The bad guys do not hesitate to exploit the most basic fears of people; the sudden death of a loved one. The message claims to be from a funeral ...
Continue Reading

CyberheistNews Vol 4, # 04

CyberheistNews Vol 4, # 04
Continue Reading

Arg The Cat O Nine Tails For Careless Clickers

Arg! The Cat O' Nine Tails For Careless Clickers!
Continue Reading

SHOCKER: Point-Of-Failure Phishing Training Does Not Work

The Govinfosecurity site just reported on some very interesting scientific research that finds so-called "embedded training" is ineffective. Let's quickly define "embedded", they chose ...
Continue Reading

WSJ: Did Hackers Got Into Target With Spear-phishing

Today (Jan 22, 2014) Wall Street Journal reporters Charles Levinson and Danny Yadron had a good summary of the current status of the Target Hack.
Continue Reading

What Is The Deep Web 101

Pierluigi Paganini wrote a great blog post today. The Deep Web (or Invisible Web) is all the information on the World Wide Web not reported by normal search engines. It's HUGE. According ...
Continue Reading

December 2013: 1 in 164 emails infected with some malware

Symantec's Intelligence Report for December 2013 is out. To no one's surprise the rate of infected emails is increasing dramatically last quarter, it looked like this
Continue Reading

CyberheistNews Vol 4, # 03

CyberheistNews Vol 4, # 03
Continue Reading

CyberheistNews Vol 4, # 02B

CyberheistNews Vol 4, # 02B
Continue Reading

IT security more critical now than executives expected two years ago

David Braue at CSO reported on some very interesting results of the 11th Annual Information Security Trends report by CompTIA: "28 per cent of respondents said information security was a ...
Continue Reading

CyberheistNews Vol 4, # 02

CyberheistNews Vol 4, # 02
Continue Reading

Consider security training before high-end technology

CompterWeekly.com's "Security Think Tank" section has an opinion piece by Mike Gilespie that's right out of the KnowBe4 playbook.
Continue Reading

The History Of Hacking In 5 Minutes For Dummies

What do you do when you need to explain the history of hacking to a busy non-technical manager in five minutes or less? Here is an attempt to make this extremely complex subject into a ...
Continue Reading

Target Databreach Now 110 Mil Cards - Neiman Marcus Hacked Too

It goes from bad to worse. The initial 40 million turns out to be really 110 million. Apparently the forensics team discovered another 70 million cards exfiltrated. And then the news ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews