Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Walmart Jumps to Top of the List of the Worlds Most Impersonated Brands Used in Phishing Attacks

May 4, 2023 8:38:24 AM By Stu Sjouwerman
Walmart’s rise to become the brand most likely to be impersonated in Q1 of this year is a real problem.
Continue Reading

Malware Downloads Facilitated by Social Engineering

May 4, 2023 8:28:47 AM By Stu Sjouwerman
The most common route for malware infections remains social engineering in its various forms: phishing, vishing, etc. Such approaches take advantage of users’ deliberately cultivated ...
Continue Reading

[May the 4th] How Security Awareness Training Could Have Saved the Death Star

May 4, 2023 8:05:00 AM By Stu Sjouwerman
It's May the 4th, a holiday that celebrates our love for a galaxy far, far, away - Star Wars! I can't help but share some cybersecurity learning lessons from one of my favorite Sci-Fi ...
Continue Reading

[FREE RESOURCE KIT] New Password Security Resource Kit to Celebrate World Password Day!

May 4, 2023 8:00:00 AM By Stu Sjouwerman
It's World Password Day! This holiday is to ensure everyone always practices good password hygiene. This year, we wanted to share the best password resources with you to share with your ...
Continue Reading

WSJ: "Merck’s Insurers On the Hook in $1.4 Billion NotPetya Attack, Court Says"

May 3, 2023 10:45:35 AM By Stu Sjouwerman
I get the WSJ Cybersecurity newsletter, which by the way is warmly recommended. Kim Nash today reported a shocker which will make everyone's insurance premiums go even further up: "Six ...
Continue Reading

[Feet on the Ground] Stepping Carefully When Making an AI Your BFF

May 2, 2023 1:40:51 PM By Stu Sjouwerman
Bloomberg's Brad Stone wrote an op-ed covering this topic. In the past month, a chatbot called "My AI" or "Sage" has appeared as a new friend for several hundred million Snapchat users. ...
Continue Reading

[Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users

May 2, 2023 10:34:03 AM By Stu Sjouwerman
Compromised websites (legitimate sites that have been successfully compromised to support social engineering) are serving visitors fake Google Chrome update error messages.
Continue Reading

CyberheistNews Vol 13 #18 [Eye on AI] Does ChatGPT Have Cybersecurity Tells?

May 2, 2023 9:00:00 AM By Stu Sjouwerman
CyberheistNews Vol 13 #18  |   May 2nd, 2023 [Eye on AI] Does ChatGPT Have Cybersecurity Tells? Poker players and other human lie detectors look for "tells," that is, a sign by which ...
Continue Reading

The Two Best Things You Can Do To Protect Yourself and Organization

May 2, 2023 8:22:23 AM By Roger Grimes
Since the beginning, two types of computer attacks (known as initial root cause exploits) have composed the vast majority of successful attacks: social engineering and exploiting ...
Continue Reading

Phishing as an Espionage Tactic for Cybercriminals

May 2, 2023 8:21:31 AM By Stu Sjouwerman
Phishing is a familiar criminal tactic. It’s also used by intelligence services for cyber espionage campaigns. On Friday, April 28th, 2023, CERT-UA, Ukraine’s Computer Emergency Response ...
Continue Reading

Phishing Attack Frequency Rises Nearly 50% as Some Sectors Increase by as Much as 576%

May 1, 2023 10:31:33 AM By Stu Sjouwerman
New data provides a multi-faceted look at the changing face of phishing attacks. This data includes who’s being targeted, the tactics being used, and why phishing attacks continue to work.
Continue Reading

Automate Reporting for Security Awareness Training Events and Suspicious Email Remediation Management with Cortex XSOAR and KnowBe4

May 1, 2023 8:00:00 AM By Stu Sjouwerman
Security teams face unique challenges in today’s rapidly-changing landscape of phishing, malware, and other social engineering and cybersecurity threats. Collaboration across disparate ...
Continue Reading

Your KnowBe4 Fresh Content Updates from April 2023

Apr 28, 2023 8:00:00 AM By Stu Sjouwerman
Check out the 19 new pieces of training content added in April, alongside the always fresh content update highlights, events and new features.
Continue Reading

Heart of the Matter: How LLMs Can Show Political Bias in Their Outputs

Apr 28, 2023 6:59:09 AM By Stu Sjouwerman
Wired just published an interesting story about political bias that can show up in LLM's due to their training. It is becoming clear that training an LLM to exhibit a certain bias is ...
Continue Reading

[Eyes Wide Shut] Fed Powell's Call with Russian Pranksters Exposed as Social Engineering

Apr 28, 2023 6:17:37 AM By Stu Sjouwerman
It was all over the news. Fed's Jerome Powell was social engineered by Russian pranksters posing as Zelensky. 
Continue Reading

[Live Demo] Customizing Your Compliance Training to Increase Effectiveness

Apr 27, 2023 1:24:03 PM By Stu Sjouwerman
Linking compliance training to specific outcomes is hard. Compliance training has a reputation for being challenging for organizations to offer, difficult to do right and employees are ...
Continue Reading

Does ChatGPT Have Cybersecurity Tells?

Apr 27, 2023 8:46:59 AM By Stu Sjouwerman
Poker players and other human lie detectors look for “tells,” that is, a sign by which someone might unwittingly or involuntarily reveal what they know, or what they intend to do. A ...
Continue Reading

Latest QBot Attacks Use a Mixture of PDF Attachments and Windows Scripting Host Files to Infect Victims

Apr 27, 2023 8:08:22 AM By Stu Sjouwerman
QBot malware seems to be outliving its competitors through innovative new ways to socially engineer victims into helping install it.
Continue Reading

Scammers Impersonate Zelle via the Lure of “Getting Paid” to Get Paid Themselves

Apr 27, 2023 8:08:07 AM By Stu Sjouwerman
A new impersonation scam targets users of the popular pay platform under the guise of the victim having money coming to them and with the goal to obtain Zelle credentials.
Continue Reading

Despite a Majority of Organizations Believing They’re Prepared for Cyber Attacks, Half Were Still Victims

Apr 27, 2023 8:07:48 AM By Stu Sjouwerman
A new survey points to an overconfidence around organization’s preparedness, despite admitting to falling victim to ransomware attacks – in some cases multiple times.
Continue Reading
Subscribe

Search Our Blog


Free Phishing Security Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews