Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

KnowBe4 Earns 2020 Top Rated Award from TrustRadius

Sep 29, 2020 8:27:43 AM By Stu Sjouwerman
We are proud to announce that TrustRadius has recognized KnowBe4 with a 2020 Top Rated Award.
Continue Reading

Phishing Campaign Goes After AT&T Employees’ MFA Codes

Sep 29, 2020 8:22:37 AM By Stu Sjouwerman
A phishing campaign is targeting AT&T employees and contractors with a well-crafted fake login page, according to Luke Leal at Sucuri. The phishing page is a near-exact replica of AT&T ...
Continue Reading

Organizations Working From Home Opens Wider Target for Cybercriminals

Sep 28, 2020 8:28:57 AM By Stu Sjouwerman
With so many people working from home, more attackers are adapting their strategies to focus on employees as a way to bypass organizations’ defenses, FCW reports. During a webcast hosted ...
Continue Reading

Chinese Antivirus Vendor Tied to Part of a Decade-Long Hacking Spree

Sep 24, 2020 11:04:01 AM By Stu Sjouwerman
Members of the hacking group “Apt41” were charged by the U.S. Department of Justice for hacking more than 100 victims globally with one of its members running AV vendor Anvisoft.
Continue Reading

Cyberattacks Targeting State and Local Government Increase by 50%

Sep 24, 2020 11:00:25 AM By Stu Sjouwerman
State, local, tribal, and territorial government agencies and municipalities are under attack. Observations and data from security vendor BlueVoyant highlight the attacks and the results.
Continue Reading

60% of the US Workforce Will Be Working Remotely by 2024 (and That’s a Problem)

Sep 24, 2020 10:57:20 AM By Stu Sjouwerman
The latest data from analyst firm IDC shows massive growth in the remote workforce in the coming years – something that puts organizations at greater risk for a cyberattack.
Continue Reading

Tribune Publishing apologizes for fake bonus offer in phishing-simulation email

Sep 24, 2020 10:29:04 AM By Stu Sjouwerman
Yesterday at the end of the day, I was called by our PR team who got alerted by tech support about a Twitter post that was going viral. Turns out a custom phishing test created by one of ...
Continue Reading

Abusing App Engine to Automate Phishing

Sep 24, 2020 8:30:09 AM By Stu Sjouwerman
Attackers can abuse a feature in Google App Engine to generate unlimited phishing URLs, BleepingComputer reports. Security researcher Marcel Afrahim found that App Engine URLs that ...
Continue Reading

Which Users in Your Organization Put You at Risk?

Sep 24, 2020 7:00:00 AM By Stu Sjouwerman
October is National Cybersecurity Awareness Month, so it's a perfect time to fortify your human firewall. Start by identifying which users may be putting your organization at risk before ...
Continue Reading

KnowBe4 Receives a 2020 Tech Cares Award

Sep 23, 2020 11:24:32 AM By Stu Sjouwerman
Sticking to our values continues to pay off, as we have recently received a Tech Cares award from TrustRadius. This is a brand-new award crafted to celebrate organizations that have ...
Continue Reading

Five Alarming Approaches to Extortion

Sep 23, 2020 8:30:10 AM By Stu Sjouwerman
People should familiarize themselves with common forms of extortion in order to avoid falling victim to these attacks, according to Amer Owaida at ESET. Ransomware might be the most ...
Continue Reading

Credential Stuffing to Stuff the Ballot Box

Sep 22, 2020 10:20:17 AM By Stu Sjouwerman
Advanced nation-state actors and petty criminals are both leveraging credential-stuffing attacks to hack into victims’ accounts, according to Byron Acohido, writing for Avast. Rather than ...
Continue Reading

CyberheistNews Vol 10 #39 CrowdStrike: "More Cyberattacks in the First Half of 2020 Than in All of 2019"

Sep 22, 2020 9:29:36 AM By Stu Sjouwerman
Continue Reading

[On-Demand] The Critical Need to Improve Your Compliance Processes

Sep 22, 2020 7:00:00 AM By Stu Sjouwerman
You know that compliance is an important requirement but can also be time-consuming and fraught with risk. Still, most organizations have not implemented the processes and tools necessary ...
Continue Reading

Credential Stuffing Used Against Financial Services

Sep 21, 2020 8:27:15 AM By Stu Sjouwerman
A security alert from the FBI warns that hackers are launching credential-stuffing attacks against organizations in the financial sector, ZDNet reports.
Continue Reading

[On-Demand] Your Organization Through the Eyes of an Attacker

Sep 21, 2020 7:00:00 AM By Stu Sjouwerman
The bad guys are out there, watching and waiting for an opportunity to strike. They are gathering information about your organization and users, devising the perfect plan to infiltrate ...
Continue Reading

[Announcement] KnowBe4 ModStore: New Series "Security Snapshots" from Twist & Shout

Sep 19, 2020 9:58:36 AM By Stu Sjouwerman
They've made you laugh. They've made you cry. You know and love them! Twist & Shout are here once again with a series of 12 stand-alone security micro-dramas! These Security Snapshots are ...
Continue Reading

Bitcoin Millionaire Loses $16 Million to a Compromised Wallet and Simple Social Engineering

Sep 18, 2020 7:01:00 AM By Stu Sjouwerman
This brief tale of misfortune shows how unpatched software and letting your guard down – especially when $16 million is on the line – can be all that’s needed for a successful scam.
Continue Reading

Joint Cybersecurity Advisory Outlines Approaches to Discovering and Remediating Attacks

Sep 18, 2020 7:00:00 AM By Stu Sjouwerman
This newly-released report is the result of a collaborative effort by cybersecurity authorities in Australia, Canada, New Zealand, the United Kingdom, and the United States.
Continue Reading

Beware of Fake Forwarded Phishes

Sep 17, 2020 3:29:13 PM By Roger Grimes
There are many specific, heightened challenges of spear phishing emails coming from compromised, trusted third parties. Trusted third-party phishing emails usually come from the ...
Continue Reading
Subscribe

Search Our Blog


New call-to-action

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews