Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

What Do the Latest SEC Charges Against Solarwinds’ CISO Mean for CISOs Everywhere?

In this blog, we'll take a look at the well-known Sunburst attack of 2018 and how the specific charges stemming from this attack will impact Chief Information Security Officers (CISOs) ...
Continue Reading

[INFOGRAPHIC] Original Research: Cybersecurity Challenges Faced by European Infosec Leaders

Cybersecurity threats continue to put European organisations of all sizes at risk. Infosec leaders face multi-pronged challenges, from mitigating the threats themselves to managing the ...
Continue Reading

“Skillful Social Engineering of the IT Support Desk” One of the Most Common Tactics in Ransomware Attacks

As ransom payments reach an all-time high, it’s time to look at attacks from a data perspective and find the greatest opportunities to stop these attacks.
Continue Reading

KnowBe4 Wins Multiple 2023 Best Of Awards From TrustRadius

KnowBe4 is proud to be recognized by TrustRadius for our Security Awareness Training and PhishER platforms in three categories for Best Value for Price, Best Relationship and Best Feature ...
Continue Reading

New Phishing Campaign Abusing .top Domains

A phishing campaign is exploiting a large number of .top domains, according to researchers from WhoisXML API. In an article for CircleID, the researchers analyzed a phishing operation ...
Continue Reading

New York Department of Financial Services Strengthens Cybersecurity Regulation

The NYDFS’ 23 NYCRR Part 500 has been updated to reflect the current preventative and responsive measures necessary for Financial Services org to be ready for cyber attacks.
Continue Reading

New State of Phishing Report 2023: An Alarming Surge in Phishing Threats

The fight against cyber threats remains a top priority for all organizations, including phishing attacks. SlashNext just released its much-anticipated annual "State of Phishing Report for ...
Continue Reading

Targeted Social Engineering on the Rise With Lowering Phishing-as-a-Service Costs

Targeted individuals were the most common victims of social engineering attacks in the second half of 2022 and the first half of 2023, according to researchers at AtlasVPN.
Continue Reading

Get Ready: International Fraud Awareness Week

November 12-18, 2023 is International Fraud Awareness Week and I know what you are thinking: “Didn’t we just have an entire month dedicated to cyber fraud and cybersecurity in general?” ...
Continue Reading

IT Admins Continue to Use Weak Passwords

In an analysis of web pages identified as admin portals, some incredibly weak passwords were identified – and some of them are going to really surprise you.
Continue Reading

Healthcare Sector Experiencing Increases in Ransomware, Ransoms and Downtime

An analysis of ransomware attacks on healthcare organizations from 2016 through October of 2023 shows the healthcare sector is likely to continue to suffer as a viable ransomware target.
Continue Reading

Spear Phishing Becomes Most Common Attack Technique in Q3 2023

Spear phishing was the most common attack technique in the third quarter of 2023, according to researchers at ReliaQuest.
Continue Reading

Cybersecurity Expert: AI Lends Phishing Plausibility for Bad Actors

Cybersecurity experts expect to see threat actors increasingly make use of AI tools to craft convincing, highly targeted and sophisticated social engineering attacks, according to Eric ...
Continue Reading

Small Businesses are Experiencing More Cyber Attacks

As large organizations realize the likelihood of cyber attacks and improve their cyber readiness, small businesses are seeing increases not experienced by their larger counterparts.
Continue Reading

Investigate User-Reported Emails with Ease Through the Powerful Combination of CrowdStrike Falcon Sandbox and KnowBe4 PhishER Plus

The never-ending deluge of phishing emails, malware and ransomware threats can leave incident response and security operation teams (SOC) looking for faster ways to analyze user-reported ...
Continue Reading

WSJ: "SEC Sues SolarWinds Over 2020 Hack Attributed to Russians"

October 30, 2023 the Wall street Journal broke news that the United States Security and Exchange Commission sued Solarwinds. Here are the first few paragraphs and there is a link to the ...
Continue Reading

September Sees a 32% Increase in the Number of Ransomware Attacks in Just One Month

Continued analysis of ransomware attacks shows an upward trend in the number of attacks, with September resulting in the highest number of assaults so far this year.
Continue Reading

Cybercriminal Group Octo Tempest and Its Menacing Phishbait

Microsoft is tracking a cybercriminal group called “Octo Tempest” that uses threats of violence as part of its social engineering and data theft extortion campaigns.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews