Open-Source Intelligence (OSINT): Learn the Methods Bad Actors Use to Hack Your Organization

Oct 4, 2023 10:55:26 AM By Stu Sjouwerman

They are out there, watching and waiting for an opportunity to strike; the bad actors who have carefully researched your organization in order to set the perfect trap using easily found ...

[Cybersecurity Awareness Month] Spoofy Steve's Business Email Compromise Scams You Need to Watch Out For

Oct 4, 2023 9:13:04 AM By Roger Grimes

Like a ghost, most business email compromise (BEC) scams are able to sneak through most technical defenses and end up in end-user inboxes.

Generative AI and the Automation of Social Engineering Increasingly Used By Threat Actors

Oct 3, 2023 10:43:44 AM By Stu Sjouwerman

Threat actors continue to use generative AI tools to craft convincing social engineering attacks, according to Glory Kaburu at Cryptopolitan.

[HEADS UP] Aurora Police Department Warns of Contactless Payment Processors Scams

Oct 3, 2023 10:31:37 AM By Stu Sjouwerman

If you didn't trust contactless payment processors before, you really won't after hearing about this recent scam.

CyberheistNews Vol 13 #40 Why BJ Fogg and Daniel Kahneman Are Big Security Pro Must-Knows

Oct 3, 2023 9:00:00 AM By Stu Sjouwerman

Lazarus Attack on Spanish Aerospace Company Started with Messages from Phony Meta Recruiters

Oct 2, 2023 12:29:11 PM By Stu Sjouwerman

A recent attack on an undisclosed Spanish aerospace company all started with messages to the company's employees that appeared to be coming from Meta recruiters, via LinkedIn Messaging. ...

New SMS Phishing Campaign Impersonating The US Postal Service

Oct 2, 2023 10:45:00 AM By Stu Sjouwerman

DomainTools is tracking an increase in SMS phishing (or “smishing”) campaigns impersonating the US Postal Service (USPS). The text messages inform recipients that there’s a problem with ...

Security Awareness Is Dead. Long Live Security Awareness

Sep 29, 2023 4:47:31 PM By Martin Kraemer

Our actions determine outcomes, not our thoughts, our knowledge, or our intentions.

Your KnowBe4 Fresh Content Updates from September 2023

Sep 29, 2023 9:00:00 AM By Stu Sjouwerman

Check out the 66 new pieces of training content added in September, alongside the always fresh content update highlights, events and new features.

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Sep 29, 2023 8:00:00 AM By Stu Sjouwerman

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.

[Heads Up] China Invests Billions in Huge Global Disinformation Campaign

Sep 28, 2023 4:32:02 PM By Stu Sjouwerman

Dustin Volz from the WSJ dropped a huge scoop today. This is rocket fuel infosec budget ammo I would send to my C-suite in a New York minute. They said: "Fake authors, bot armies and ...

Ransomware Now Considered a “Crisis” in the Financial Services Sector

Sep 28, 2023 4:20:16 PM By Stu Sjouwerman

A recent panel discussion of banking CISOs and experts at the SIBOS conference focused on the current state of ransomware and what institutions should do to protect themselves.

It’s Official – Generative AI Has Made Phishing Emails Foolproof

Sep 28, 2023 4:20:04 PM By Stu Sjouwerman

The most basic use of tools like ChatGPT to script out professional-looking emails has all but eliminated improperly written content as an indicator of a potential phishing scam.

Threat Group UNC3944 Continues to See Success Using Text-Based Social Engineering

Sep 28, 2023 4:19:51 PM By Stu Sjouwerman

A new update on UNC3944 group's activities shows how they are evolving their focus squarely on SMiShing credential harvesting attacks that result in data theft/extortion attacks.

Pharma Industry Seeing Reduction in Data Breach Costs, But Still Have Much to Do

Sep 28, 2023 4:19:36 PM By Stu Sjouwerman

Insights from IBM’s Cost of a Data Breach Report on the Pharmaceutical Industry shows that while the overall cost has improved, there are clear areas of risk that need to be addressed.

Facebook Messenger Becomes the Delivery Mechanism for Infostealer Malware Attack

Sep 28, 2023 4:19:23 PM By Stu Sjouwerman

Millions of business accounts on Facebook are the target of a new malware attack, which is seeing a success rate of 1 out of 70, causing concern for the security of corporate credentials.

How Zero-Point Fonts in Phishing Emails Make Them Look Safe

Sep 28, 2023 12:56:43 PM By Stu Sjouwerman

Attackers are using zero-point fonts to make phishing emails appear as though they’ve been verified by security scanners, BleepingComputer reports.

Cyber Insurance Claims Increased by 12% in First Half of 2023, Attacks More Frequent and Severe Than Ever

Sep 28, 2023 12:55:44 PM By Stu Sjouwerman

The latest cyber claims report from Coalition, a digital risk insurance provider, finds a 12% increase in cyber insurance claims in the first half of 2023 over the second half of 2022, ...

[Cybersecurity Awareness Month] Frankenphisher – The Monster of Social Engineering Artificial Intelligence

Sep 28, 2023 9:17:54 AM By Martin Kraemer

Imagine an artificial intelligence (AI) system developed by a mad scientist to leverage the full capabilities of Large-Language-Models (LLM).

[HEADS UP] If You're a LastPass User, You May be the Next Phishing Email Target

Sep 28, 2023 9:17:38 AM By Stu Sjouwerman

Cybercriminals are not holding back on LastPass users as a new phishing campaign has recently launched with the intent to steal your data.

Security Awareness Training Blog

View Topics