Human Risk Management Blog

Why KB4-CON EMEA 2025 Should Be Your Must-Attend Cybersecurity Conference This October

As cyber threats continue to evolve at breakneck speed, staying ahead of the curve isn't just important, it's essential.

Building Trust in AI: KnowBe4's Journey Toward ISO 42001 Certification

At KnowBe4, everything we do is built on a foundation of innovation and trust. As we bring more artificial intelligence (AI) into our human risk management platform, we believe it’s ...

Get Your Game On! 3 Ways to Use the 2025 Cybersecurity Awareness Month Resource Kit

The calendar has flipped into October, so now it’s time to let the Cybersecurity Awareness Month games begin!

Going DEEP: A Simple Framework for a Complex Problem

In our previous blog post, we discussed the behavioral science behind why people click on malicious links.

CyberheistNews Vol 15 #39 [Watch Your Back] Why Your Security Strategy Needs a Human Upgrade Now

The 3 Biggest Email Security Challenges Facing Legal Organizations

Law firms really are under constant pressure to meet tight deadlines, maintain client confidentiality and protect privileged communications.

The Behavioral Science Behind the Click

Welcome back. In our last blog post, we talked about the great divide between tech-focused and people-focused security.

New AI-Driven Phishing Platform Automates Attack Campaigns

Researchers at Varonis warn of a new phishing automation platform called “SpamGPT” that “combines the power of generative AI with a full suite of email campaign tools.”

Attackers Use AI Development Tools to Craft Phony CAPTCHA Pages

Attackers are abusing AI-powered development platforms like Lovable, Netlify and Vercel to create and host captcha challenge websites as part of phishing campaigns, according to ...

Attackers Abuse Google’s AppSheet to Send Phishing Emails

Hackread reports that attackers are abusing Google’s AppSheet platform to send phishing emails.

CyberheistNews Vol 15 #38 Why Does Protecting AI Agents Need To Be Status Quo?

Why Your Security Strategy Needs a Human Upgrade

Let’s be brutally honest. For years, our industry has been locked in a civil war. In one camp, the technologists have been building higher walls and smarter traps, arguing that the right ...

North Korean Hackers Target Job Seekers With ClickFix Attacks

North Korean hackers behind the “Contagious Interview” campaign are using the ClickFix social engineering tactic to target job seekers with phony employment offers, according to ...

AI-Assisted Phishing Attacks Are an Increasingly Serious Threat

AI-assisted phishing attacks pose a significant and increasing threat to organizations, according to Matt Weidman, partner and vice president of Commercial Property & Casualty at ...

CyberheistNews Vol 15 #37 [New Report] Shadow AI Threats Are Increasing. Here's How to Spot Them

Training AI Agents Will Be Status Quo

Protecting humans means protecting the tools humans use.

Report: AI-Powered Phishing Fuels Ransomware Losses

AI-powered social engineering attacks are significantly more successful than traditional attacks, according to a new report from cyber risk management firm Resilience.

Phishing Campaign Abuses iCloud Calendar Invites

Attackers are abusing iCloud Calendar invites to send phishing messages that pose as PayPal notifications, BleepingComputer reports. Since the messages are sent from Apple’s ...

FBI Issues Guidance for Avoiding Deepfake Scams

The FBI and the American Bankers Association (ABA) have issued a joint advisory warning of the growing threat posed by AI-generated deepfake scams.

PayPal Scam From PayPal

One of the most common human risk management recommendations is for users to hover over URL links of unexpected messages to see if the involved DNS domain is legitimate or not for the ...