Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

The World Premiere of The Inside Man - Season 6 in St. Petersburg, Florida

KnowBe4, the leading platform for security awareness training, is excited to bring the award-winning original series, "The Inside Man,” back to your screens with more excitement, drama, ...
Continue Reading

Phishing Attacks Exploit Microsoft Visio Files and SharePoint

Threat actors are exploiting Microsoft Visio files and SharePoint to launch two-step phishing attacks, according to researchers at Perception Point.
Continue Reading

Half of all Ransomware Attacks This Year Targeted Small Businesses

New data shows just how crippling ransomware has been on small businesses that have fallen victim to an attack and needed to pay the ransom.
Continue Reading

[World Premiere] KnowBe4 Debuts New Season 6 of Netflix-Style Security Awareness Video Series - “The Inside Man”

We’re thrilled to announce the long-awaited sixth season of the award-winning KnowBe4 Original Series - “The Inside Man” is now available in the KnowBe4 ModStore!
Continue Reading

Fortifying Defenses Against AI-Powered OSINT Cyber Attacks

In the ever-evolving landscape of cybersecurity, the convergence of Artificial Intelligence (AI) and Open-Source Intelligence (OSINT) has created new opportunities for risk.
Continue Reading

Criminal Threat Actor Uses Stolen Invoices to Distribute Malware

Researchers at IBM X-Force are tracking a phishing campaign by the criminal threat actor “Hive0145” that’s using stolen invoice notifications to trick users into installing malware.
Continue Reading

Nation-State Threat Actors Rely on Social Engineering First

A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique.
Continue Reading

Step-by-Step To Creating Your First Realistic Deepfake Video in a Few Minutes

Learn how to step-by-step create your first realistic deepfake video in a few minutes.
Continue Reading

[FREE RESOURCE KIT] Stay Cyber Safe this Holiday Season with Our Free 2024 Resource Kit!

Isn’t it typical for bad actors to strike when we’re distracted and busy during this time of year?
Continue Reading

Criminals Use Search Engine Poisoning to Boost Phishing Pages

Researchers at Malwarebytes warn that cybercriminals are using search engine poisoning to boost phishing pages to the top of Bing’s search results.
Continue Reading

Recon 2.0: AI-Driven OSINT in the Hands of Cybercriminals

Cybercriminals are using artificial intelligence (AI) and generative AI in open source intelligence (OSINT) activities to target your organization with supercharged reconnaissance efforts.
Continue Reading

[Eye Opener] Attackers Don’t Hack, They Log In. Can You Stop Them?

The latest trend in cybercrime is that attackers don't really focus on “hacking” in; they’re logging in.
Continue Reading

Phishing Campaign Impersonates OpenAI To Collect Financial Data

Cybercriminals are impersonating OpenAI in a widespread phishing campaign designed to trick users into handing over financial information. The emails inform users that a payment for their ...
Continue Reading

The Deceptive Media Era: Moving Beyond "Real vs. Fake"

As society grapples with the rapid advancement of AI and synthetic media, we've been asking the wrong question. The focus on whether content is "real or fake" misses the more crucial ...
Continue Reading

Attackers Abuse DocuSign to Send Phony Invoices

Threat actors are abusing DocuSign’s API to send phony invoices that appear “strikingly authentic,” according to researchers at Wallarm.
Continue Reading

[Last Chance] KB4-CON APJ Cybersecurity Event is in 10 Days

Tick tock, the countdown is on! KB4-CON APJ starts in just 10 days, and you still have time to register!
Continue Reading

BlackBasta Ransomware Gang Uses New Social Engineering Tactics To Target Corporate Networks

ReliaQuest warns that the BlackBasta ransomware gang is using new social engineering tactics to obtain initial access within corporate networks.
Continue Reading

Attackers Abuse Eventbrite to Send Phishing Emails

Attackers are abusing Eventbrite’s scheduling platform to send phishing emails, according to researchers at Perception Point. These attacks increased by 900% between July and October 2024.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews