Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Sharp Increase Of Phishing "From" Dutch Tax Authority

The Dutch Tax Authority saw a sharp increase in reports of phishing emails and text messages made to look like they came from the Tax Authority since the start of the coronavirus crisis. ...
Continue Reading

Maze Ransomware “Cartel” Adds More Ransomware Gangs to its Data Leak Platform

It’s one thing if you’re up against one ransomware cybercriminal group. But what happens when they start acting like the good guys and joining forces?
Continue Reading

Pretexting Defined

Pretexting is a social engineering tactic in which an attacker attempts to gain information, access, or money by tricking a victim into trusting them, according to Josh Fruhlinger at CSO ...
Continue Reading

[HEADS UP] Recent Phishing Attack in Germany Hits Coronavirus Task Force

An ongoing phishing attack has been targeting executives of a company working to provide the German coronavirus task force with protective gear. The company is multinational and more than ...
Continue Reading

The Enduring Threat of Ransomware During COVID-19

Ransomware attacks continue to blight organizations of all sizes and sectors. The number of incidents involving ransomware reported to Beazley Breach Response (BBR) Services in the first ...
Continue Reading

[EXCLUSIVE] Indian Cyber Firm Spied on Investors and Politicians Across the Globe

A little-known Indian IT firm offered its phishing services to help clients spy on more than 10,000 email accounts over a period of seven years.
Continue Reading

Why BEC Punches Above Its Weight

Business email compromise (BEC) attacks are particularly insidious because they don’t use malware payloads or malicious URLs. That’s a reminder from Evan Reiser, CEO and co-founder of ...
Continue Reading

Hurricane Season Means Disaster-Related Scams

June 1 marks the official start of the 2020 Atlantic hurricane season. The Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain on alert for malicious cyber ...
Continue Reading

Security Awareness is the Biggest Security Challenge for Remote Workforces

As the dust from enabling employees to work remotely has settles, new data from security vendor PulseSecure highlights where remote security has been – and still is – a challenge.
Continue Reading

Why People Don't Learn (It's Not Always Their Fault)

IT and security managers often fail to understand how well their employees actually absorb cybersecurity training, according to a survey from Mimecast and Forrester Consulting. The survey ...
Continue Reading

May Content Update: Including New When You Report, We Get Stronger Video Series

Check out new training content added to the KnowBe4 ModStore in the month of May.
Continue Reading

Prediction: Ransomware Attacks to Spike as Employees Return to the Office

Because of the nature of ransomware attacks and the mass numbers of workers at home, anti-malware vendor Emisoft believes we’re going to see a rise once work returns to normal.
Continue Reading

[HEADS UP] Cybercriminals in Australia Harass Recipients with Abusive Transaction Descriptions on Bank Statements

There are bad guys in Australia that have given away money in order to use social engineering and harass people with abusive transaction descriptions that appear in online banking ...
Continue Reading

[BEWARE] New Report on Doxxing Exposes Cybercriminal Trends

A new threat intelligence report on doxxing, researched by cybersecurity experts at Kivu, reveals that the majority of attacks occur in the U.S., with companies in the consumer sector ...
Continue Reading

[HEADS UP] More Australian Companies Hit By Mespinoza/Pysa Ransomware

Two more Australian companies have been hit by attackers using the Mespinoza/Pysa Windows ransomware, the same malware that was used to take down the Australian money management firm ...
Continue Reading

Excel Macros Bypass Your Filters and Slip in Malware Payloads

Researchers at Lastline warn that attackers are increasingly utilizing Excel 4[.]0 macros to deliver malware while avoiding detection by security products. Excel 4[.]0 (XL4) macros were ...
Continue Reading

Combatting Rogue URL Tricks: How You Can Quickly Identify and Investigate the Latest Phishing Attacks

Don't click phishy links. Everyone knows that. But are your end users prepared to quickly identify today's tricky tactics being used by the bad guys? Probably not. Cybercriminals have ...
Continue Reading

Remote Work Isn’t Good for Corporate Security (Part 2): 30% of Organizations Have Been the Victim of Phishing Scams Since the Lockdown

Lots of new data is now just coming out of the woodwork demonstrating some of the harsh realities of having employees work from home without proper security in place.
Continue Reading

Remote Work Isn’t Good for Corporate Security (Part 1): 6 in 10 Employee’s Online Accounts Have Been Compromised Since Working Remotely

Working from home has its advantages. But, according to new data, one of them isn’t keeping the organization secure.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews