KnowBe4 Blog

New Lazarus Spearphishing Attack on Crypto Organizations Uses a LinkedIn Job Posting as its Front

What better way to gain complete control over a crypto organization’s network that to target their sysadmin with a Job Posting and then spear phish them?

Tesla and the FBI just prevented a $1 million ransomware hack at the Nevada Gigafactory

Fred Lambert at Electrek just reported on a story we published Aug 26th, and he reveals who was targeted: "Tesla and the FBI worked together to prevent a group of ransomware hackers from ...

The Bureau Explains How Tech Support Scams Work

Tech support scams function like organized businesses and consist of various criminals fulfilling different roles, according to court documents obtained by ZDNet. The documents contain ...

Russian Charged With Trying to Recruit Employee to Plant Ransomware in US Company

Michael Kan at PC Mag reported: "According to the FBI, Egor Igorevich Kriuchkov promised to pay as much as $1 million to the employee to help his shadowy group steal data from a ...

Recent Phishing Scam Sends Uncertain Employment and Bogus Layoff Notices

Scammers have been exploiting people’s fears by posing as HR employees and sending emails informing recipients that they’ve been laid off, according to Kaspersky’s spam and phishing ...

What happens when you type in a URL in an address bar in a browser?

I saw this post on twitter with a fun and educational infographic that shows it's quite a complicated affair where lots of things can go wrong. Here is the infographic, and if you click ...

Watch Out! Cybersecurity and Infrastructure Security Agency Warn of New VBA Attack Designed to Deploy KONNI Remote Administration Tool

A new alert from CISA outlines just how dangerous and intrusive the KONNI malware is in organizations that fall for phishing attacks using Word attachments with malicious VBA code.

[Heads Up] Weaponized Disinformation Campaigns Skyrocket; KnowBe4 Releases New Spot & Stop DisInfo Training Module

Disinformation is a potent weapon in the current cold cyberwar arsenal. DisInfo attacks are skyrocketing and the number of countries using organized social media manipulation is going up ...

New Vishing Attacks Pretend to Be Internal IT to Scam Users from Financial Firms Out of Their Credentials

Dozens of banks, cryptocurrency exchanges, and web hosting firms have experienced vishing attacks aimed at eventually stealing cryptocurrency from high net-worth customers.

CyberheistNews Vol 10 #35 [Heads Up] Watch Out for OAuth Phishing Attacks and How You Can Stay Safe