KnowBe4

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.

More Untrustworthy Ransomware is Bad News for SMBs

The latest from UK insurer Beazley‘s Breach Response Services division shows an increase in ransomware from attackers with little ability to decrypt ransomed data.
Continue Reading

[VIDEO] Brand New KnowBe4 "Behind The Scenes"

Here's some brand new footage about KnowBe4 and how things look behind the scenes ! October 2018, Our Series A Venture Capital investor Elephant Partners asked us if it was OK to shoot ...
Continue Reading

"Inception Attackers" Mix Old Exploit, New Backdoor, and Spear Phishing

SecurityWeek reported about a Palo Alto Networks warning: "A malicious group known as the “Inception” attackers has been using a year-old Office exploit and a new backdoor in recent ...
Continue Reading

Ransomware And RDP: A Dangerous Combination

A new variant of ransomware, CommonRansom, is asking for RDP access to the victim’s computer in order to decrypt files. CommonRansom is the latest attempt to extend the ransomware attack ...
Continue Reading

Tweets from Elon Musk Still Aren't What They Seem

We've seen this before, and it's worth noting again. A tweet from a blue-checked Elon Musk is all it takes to set a Bitcoin giveaway frenzy into motion. The only problem is that it’s just ...
Continue Reading

Having a Cybersecurity Culture Matters (and Pays)

According to ISACA and the CMMI Institute, organizations continue to invest heavily in security technology while neglecting security training to create the appropriate corporate culture.
Continue Reading

Security is a Whole-of-Organization Responsibility

We've blogged about other recent studies of security. They're in substantial agreement. Here's one from Gemalto, and it reports that more than 4.5 billion digital records, each with an ...
Continue Reading

KnowBe4 Announces Competitive Buyout to Combat Ineffective Phishing Training Tools

(Tampa Bay, FL) Nov 7, 2018 -- KnowBe4 is the world's largest new-school security awareness training company with over 21,000 customers. In an aggressive move, KnowBe4 announced a unique ...
Continue Reading

Catphishing or Emotional Terrorism or Both: You Decide

A 65-year-old woman from North Carolina, Roxanne Reed, is in jail for allegedly plotting to kill her mother for the insurance money. Roxanne Reed had swallowed a catphishing scam, one in ...
Continue Reading

Are Your Compliance, Risk, And Audit Projects Taking Up Too Much Of Your Time?

You told us you have challenging compliance requirements, not enough time to get audits done, and keeping up with risk assessments is a continuous problem.
Continue Reading

CSO: Users Pose the Greatest Security Risk

The latest data from CSO’s 2018 U.S. State of Cybercrime report highlights the risk users create, and how little organizations are doing to address it.
Continue Reading

SEO Poisoning + Midterm Elections = Cybercriminals Paradise

Compromised websites focused on tomorrow’s midterm elections serve as the hunting ground for cybercriminals looking to take advantage of unsuspecting visitors.
Continue Reading

Most Americans Can be Fooled by Fake Election Emails

The average American cannot reliably distinguish between fake and legitimate election campaign emails, according to a study by Valimail. In the weeks leading up to the US midterm ...
Continue Reading

Scam Of The Week: Fortnite And League of Legends Phishing Attacks

This is an excellent opportunity to sit down with your young'uns and explain the risks of online scams.
Continue Reading

Money Mules: How A Data Breach Turns Into Cash

Cybercriminals don’t want to be caught, so after a data breach, they use unsuspecting people as “mules” to launder money using a sophisticated shipping scam.
Continue Reading

New Stuxnet Variant Allegedly Struck Iran

Our friends at Malwarebytes reported that a malware strain similar in nature to Stuxnet—but more aggressive and sophisticated—allegedly hit the infrastructure and strategic networks in ...
Continue Reading

The Pesky Password Problem: Battle of the Red and Blue Team featuring Kevin Mitnick [LIVE WEBINAR]

What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about ...
Continue Reading

Successful Pretexting Attacks Have Nearly Tripled since 2017

Pretexting attacks are a growing threat to organizations, warn Chris Tappin and Simon Ezard from the Verizon Threat Research Advisory Centre. Verizon’s 2018 Digital Breach Investigation ...
Continue Reading

Phishing Scam Is Targeting League of Legends Players

A phishing scam is using fake login pages to target League of Legends players, according to Avast Blog. At the moment, the attacks are taking place primarily in western Europe, mainly ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews