Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Salesforce Becomes the Latest Platform to Unwittingly Aid Phishing Scammers

Aug 11, 2023 8:21:43 AM By Stu Sjouwerman
Cybercriminals used the legitimacy of Salesforce’s email gateway to bypass security scanners and target Meta customers in an effort to steal Facebook credentials.
Continue Reading

Comcast: 9 out of 10 Attempts to Breach Customer Networks Start with a Phish

Aug 11, 2023 8:21:30 AM By Stu Sjouwerman
The latest data from Comcast Business’ analysis of over 23.5 billion cyber attacks on their business customers shows the importance and role of phishing in attacks.
Continue Reading

AI's Role in Cybersecurity: Black Hat USA 2023 Reveals How Large Language Models Are Shaping the Future of Phishing Attacks and Defense

Aug 10, 2023 2:39:58 PM By Stu Sjouwerman
At Black Hat USA 2023, a session led by a team of security researchers, including Fredrik Heiding, Bruce Schneier, Arun Vishwanath, and Jeremy Bernstein, unveiled an intriguing ...
Continue Reading

Black Hat: "Five cyber phases of Russia's hybrid war"

Aug 10, 2023 11:44:01 AM By Stu Sjouwerman
The Cyberwire reported: "Victor Zhora, deputy chairman and chief digital transformation officer at Ukraine's State Service of Special Communication and Information Protection (SSSCIP) ...
Continue Reading

Australians Reporting Alarming Number of Losses to Vishing and Smishing Scams

Aug 9, 2023 3:54:27 PM By Jacqueline Jayne
We know that scam calls (aka vishing) and scam SMSs (aka smishing) are out of control, and for most unaware Australians, they continue to cause pain and suffering. According to the ...
Continue Reading

Record ¥3 bil stolen via phishing in Japan in 1st half of 2023

Aug 9, 2023 3:17:32 PM By Stu Sjouwerman
A record 2,322 scams in Japan to steal internet banking IDs and passwords have resulted in unauthorized money transfers totaling a record of around 3 billion yen ($21 million) in the ...
Continue Reading

Wordfence Becomes the Latest Brand to be Impersonated Putting 800 Million Sites at Risk

Aug 9, 2023 1:55:27 PM By Stu Sjouwerman
With its wide use and trusted state among Wordpress developers and website admins, a new campaign impersonating the website security brand could put hundreds of millions of websites at ...
Continue Reading

New PCI Password Requirements Could Be the Impetus for Credential Harvesting Scams

Aug 9, 2023 1:55:02 PM By Stu Sjouwerman
As the retirement countdown for the current version of PCI is now less than six months, a new standard for password length, complexity, and change frequency may create some risk.
Continue Reading

Scammers Exploit Twitter’s Transition to “X”

Aug 9, 2023 1:54:50 PM By Stu Sjouwerman
Scammers are taking advantage of Twitter’s rebranding to “X,” according to Stephanie Adlam at Gridinsoft. A phishing campaign is targeting Twitter Blue users by telling them they need to ...
Continue Reading

KnowBe4’s Interactive Phishing Analysis Center: Keep Your Finger On The Pulse

Aug 8, 2023 1:50:55 PM By Stu Sjouwerman
As a security awareness practitioner, keeping your pulse on industry - and geographical - benchmarking data and best practices is always a good way to measure your organization’s security ...
Continue Reading

Most Organizations Using Weak Multifactor Authentication

Aug 8, 2023 10:10:03 AM By Stu Sjouwerman
Most organizations are still using weak forms of multi-factor authentication (MFA), a survey by Nok Nok has found. These forms of MFA can be bypassed if an employee falls for a social ...
Continue Reading

CyberheistNews Vol 13 #32 [HEADS UP] Google's Huge Inactive Account Deletion - What You Need to Know

Aug 8, 2023 9:00:00 AM By Stu Sjouwerman
Continue Reading

5 Intriguing Ways AI Is Changing the Landscape of Cyber Attacks

Aug 8, 2023 8:36:07 AM By James McQuiggan
In today's world, cybercriminals are learning to harness the power of AI. Cybersecurity professionals must be prepared for the current threats of zero days, insider threats, and supply ...
Continue Reading

[INFOGRAPHIC] Q2 2023 Top-Clicked Phishing Test Results Favor HR-Related Subjects

Aug 8, 2023 8:00:00 AM By Stu Sjouwerman
KnowBe4's latest reports on top-clicked phishing email subjects have been released for Q2 2023. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects globally ...
Continue Reading

GitHub Warns of Social Engineering Campaign Targeting Employees in the Technology Industry

Aug 7, 2023 10:09:34 AM By Stu Sjouwerman
A few weeks ago, GitHub posted on their blog a recent security alert that should have any organization in the tech industry worried.
Continue Reading

Fraud Masquerades as Anti-Fraud

Aug 7, 2023 9:54:59 AM By Stu Sjouwerman
Many of us have received a phone call or other notification from a credit card company telling us that they’ve detected suspicious activity on our card. Was it us? Did we just spend $500 ...
Continue Reading

Data Theft Extortion Attacks Rise 25 Percent in Just One Quarter and Take Top Attack Spot

Aug 7, 2023 7:39:14 AM By Stu Sjouwerman
A recap of Q2 from Cisco Talos’ incident response services provides insight into exactly what kinds of attacks are being seen in the field, and what kinds of attacks you need to be ...
Continue Reading

Vendor Email Compromise Attacks Use the Same Playbook for Multiple Attacks

Aug 7, 2023 7:39:10 AM By Stu Sjouwerman
Seeking very large paydays, Vendor Email Compromise (VEC) threat actors are finding out what works and repurposing their content and processes to increase chances of seeing a massive ...
Continue Reading

Phishing Attacks Continue to Use Attachments as HTML Files Containing Java Dominate

Aug 7, 2023 7:39:05 AM By Stu Sjouwerman
As traditional phishing attack attachment types like Office documents dwindle in use, threat actors look for new effective ways to use email as a delivery medium to launch an attack.
Continue Reading

[New Product] Supercharge Your Anti-Phishing Defense with KnowBe4’s PhishER Plus!

Aug 7, 2023 7:00:00 AM By Stu Sjouwerman
Staying one step ahead of cybercriminals is absolutely vital in today’s threat landscape. That's why we're thrilled to introduce PhishER Plus, a revolutionary product from KnowBe4 that ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews