KnowBe4

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Inside A Massive Spam Operation, And Shutting It Down

  We’ve blogged before about spammers using publicly accessible databases to help them with large-scale spam campaigns. Here’s what one such recent campaign looks like from the insider. ...
Continue Reading

Business Email Compromise (BEC) Attacks Go Mobile Using SMS to Increase Attack Success

Compromise-by-Text turns out to be an even better medium for cybercriminals to fool users into becoming victims. A new article from security vendor Asigra demonstrates how and why.
Continue Reading

New York Launches a Cybercrime Brigade

The WSJ in their Opinion section reported about a NY citywide initiative that aims to coordinate all digital law-enforcement efforts. The op ed was written by Cy Vance, Manhattan district ...
Continue Reading

Scaring People with GDPR

Criminals are taking advantage of misunderstandings surrounding the European Union’s General Data Protection Regulation (GDPR) to exploit gullible employees and organizations, according ...
Continue Reading

Brand-New Tool: Phishing Reply Test Identifies Users Likely to Fall Victim to Fraudsters

Highly targeted phishing attacks, known as Business Email Compromise or CEO fraud scams have exceeded $12.5 billion in total known losses worldwide. These social engineering attacks are ...
Continue Reading

vxCrypter Is the First Ransomware to Delete Duplicate Files

  Our friend Larry Abrams at bleepingcomputer wrote: "The vxCrypter Ransomware could be the first ransomware infection that not only encrypts a victim's data, but also tidies up their ...
Continue Reading

The Famous Fall Victim To Phishing, Too

A Georgia resident has taken a guilty plea to charges of hacking numerous Apple accounts belonging to high-profile athletes and musicians and stealing their credit card information, ...
Continue Reading

AV-Test compares 19 Antivirus Tools: Windows Defender Reaches Maximum Detection Score

  The German AV-Test lab compared 19 antivirus products, including the free Windows Defender which comes with the Win10 OS. Defender reached the max detection score, which was better than ...
Continue Reading

Cyber Security is About Culture and People, not Technology

Security isn’t just IT’s problem, but everyone’s problem within the organization. The key isn’t “yet another security solution”, but a changing of the way the organization thinks about ...
Continue Reading

ISACA Recommends Phishing Simulations and Measurement as Appropriate Defense to Reduce Risk of Successful Phishing Attacks

Organizations are working to limit the effectiveness of phishing attacks using both internal and external collateral and programs. According to ISACA, the important thing is to have ...
Continue Reading

Mobile Devices Rise as a Top Attack Vector for Cybercriminals; Malware and Phishing Remain Primary Concerns

Cybercriminals are using every means available to reach their victims. According to Verizon’s latest data, attacks on mobile devices are increasing while security efforts fall behind.
Continue Reading

90% of large tech companies vulnerable to email spoofing

Most companies have not implemented standards for authenticating emails and preventing hackers from successful phishing attacks, according to Valimail.
Continue Reading

Which Employees are the Cyber Criminals After?

Lower-level employees are the workers most likely to face highly-targeted attacks, according to the online marketing firm Reboot. Citing information from Proofpoint’s most recent ...
Continue Reading

Microsoft Takes Control Of 99 Phishing Domains Operated By Iranian State Hackers

The domains had been used as part of spear-phishing campaigns aimed at users in the US and across the world. Court documents unsealed today revealed that Microsoft has been waging a ...
Continue Reading

NotPetya act of war exclusion spreads to second insurer

A second insurer has refused to pay out over the NotPetya cyberattack based on an act of war exclusion, prompting growing concerns for businesses relying on cybersecurity insurance to ...
Continue Reading

Cybercriminals Double-Down on What Works, Nearly Doubling the Number of Phishing Attacks in 2018

Using a combination of old and new tactics and distribution channels, cybercriminals continue to seek to compromise endpoints and obtain online credentials.    The targets haven’t ...
Continue Reading

[New Comedy Series] KnowBe4's Popcorn Training Releases 8-Episode Security Awareness Videos - 'Standups 4 Security'

We’re excited to announce the release of this new security awareness video series for our customers called ‘Standups 4 Security’ from our team at Popcorn Training. In this new 8-episode ...
Continue Reading

Insurers Creating a Consumer Ratings Service for Cybersecurity Industry

The WSJ reported on news that a Collaborative effort led by Marsh & McLennan would score the best cyber security products for reducing hacking risk, and provide potential discounts on ...
Continue Reading

Find out which of your users' emails are exposed before the bad guys do

Do you know how big your email attack surface really is? Open Source Intelligence (OSINT) is the collection of information from public sources on the Internet that both red teams and bad ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews