Infostealer Threat Group “Marko Polo” Evolving Into an “Empire”

Oct 4, 2024 3:37:40 PM By Stu Sjouwerman

New research by Recorded Future provides insight into how advanced and sophisticated the threat group Marko Polo has become since launching in 2022.

Cybercriminal Gang Targeting SMBs Using Business Email Compromise

Oct 3, 2024 11:58:20 AM By Stu Sjouwerman

Researchers at Todyl have published a report on a major cybercriminal group that’s conducting business email compromise (BEC) attacks against small and medium-sized businesses. Todyl ...

Don’t Put Real Answers Into Your Password Reset Questions

Oct 3, 2024 11:58:15 AM By Roger Grimes

This recent article on how a hacker used genealogy websites to help better guess victims' password reset answers made it a great time to share a suggestion: Don’t answer password reset ...

New VPN Credential Attack Goes to Great Lengths to Obtain Access

Oct 3, 2024 11:58:12 AM By Stu Sjouwerman

A new “so-phish-ticated” attack uses phone calls, social engineering, lookalike domains, and impersonated company VPN sites to gain initial access to a victim network.

The U.K.'s NCSC and U.S. FBI Warn of Iranian Spear-Phishing Attacks

Oct 2, 2024 3:10:00 PM By Stu Sjouwerman

The U.K.’s National Cyber Security Centre (NCSC) and the U.S. FBI have released an advisory warning of Iranian state-sponsored spear-phishing attacks targeting “individuals with a nexus ...

Dick’s Sporting Goods Cyber Attack Underscores Importance of Email Security and Internal Controls

Oct 2, 2024 3:09:58 PM By Stu Sjouwerman

The recent cyber attack on Dick's Sporting Goods makes it clear that email played a critical role and emphasizes the need for better security controls.

From Desire Paths to Security Highways: Lessons from Disney's Approach to User-Centric Design

Oct 2, 2024 3:09:55 PM By Javvad Malik

When Walt Disney first unveiled the Magic Kingdom, he made a decision that would revolutionize theme park design - and inadvertently offer a valuable lesson for cybersecurity ...

[Wake-Up Call] Senator Falls Victim to Deepfake Scam—Are Your Users Next?

Oct 1, 2024 1:56:14 PM By Stu Sjouwerman

When technology blurs the lines between reality and fiction, a recent incident involving U.S. Senator Ben Cardin serves as a stark reminder of the growing threat posed by deepfake scams.

Threat Actors Behind MFA Bypass Service ‘OTP Agency’ Plead Guilty to Fraud

Oct 1, 2024 1:56:11 PM By Stu Sjouwerman

The criminal prosecution of the threat actors behind the "OTP Agency" has highlighted an ingenious new tactic that cybercriminals can use to bypass multi-factor authentication.

New Survey Shows 40% of Respondents Never Received Cybersecurity Training From Their Employer

Oct 1, 2024 1:56:07 PM By Stu Sjouwerman

Yubico has published a survey of 20,000 people from 10 countries around the world, finding that 40% of respondents have never received cybersecurity training from their employer.

[Cybersecurity Awareness Month] Responding to Cyber Incidents the ‘Inside Man’ Way: Fiona's Approach

Oct 1, 2024 8:00:00 AM By Anna Collard

In a world where cybersecurity incidents are no longer a matter of if they will happen, but when, having a solid incident response plan is a critical component of cyber resilience and ...

The Number of Ransomware Attacks Around the World Increased by 73% in 2023

Sep 30, 2024 3:37:13 PM By Stu Sjouwerman

The number of ransomware attacks around the world increased by 73% in 2023, according to a new report by the Institute for Security and Technology’s Ransomware Task Force (RTF). These ...

CyberheistNews Vol 14 #40 Online Scams Shorten Their Cycles 58% And Make More Money

Sep 30, 2024 8:00:00 AM By Stu Sjouwerman

Your KnowBe4 Compliance Plus Fresh Content Updates from September 2024

Sep 30, 2024 8:00:00 AM By Stu Sjouwerman

Check out the September updates in Compliance Plus so you can stay on top of featured compliance training content.

Scammers Use QR Code Stickers to Target UK Motorists

Sep 27, 2024 11:17:01 AM By Stu Sjouwerman

Netcraft warns that scammers are posting QR code stickers on parking meters in the UK and other European countries.

From Tetris to Minecraft: The Evolution of Security Awareness into Human Risk Management

Sep 27, 2024 11:16:58 AM By Javvad Malik

Once upon a time, security awareness training resembled a never-ending game of Tetris. Threats cascaded down, demanding swift action and strategy, only to speed up until we inevitably ...

Your KnowBe4 Fresh Content Updates from September 2024

Sep 27, 2024 8:00:00 AM By Stu Sjouwerman

Check out the 40 new pieces of training content added in September, alongside the always fresh content update highlights, events and new features.

The AI Revolution: Balancing Innovation and Ethics in the Age of Intelligent Technology

Sep 25, 2024 1:54:52 PM By Sanet Kilian

Artificial intelligence (AI) is revolutionizing most, if not all, industries worldwide. AI systems use complex algorithms and large datasets to analyze information, make predictions and ...

Election-Themed Phishing Threats Are on the Rise

Sep 25, 2024 1:54:49 PM By Stu Sjouwerman

Researchers at ReliaQuest have published a report looking at cyber threats surrounding the upcoming US presidential election, warning that election-related phishing will continue to ...

[WTH?] Critical Vulnerabilities in Automated Tank Gauges. This Is Not OK.

Sep 25, 2024 9:58:54 AM By Stu Sjouwerman

A new wave of concern has surfaced around the security of Automated Tank Gauges (ATGs), critical systems that monitor and manage liquid levels in storage tanks at facilities like oil ...

Security Awareness Training Blog

View Topics