Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Mobile Device Usage Have Led to Security Incidents in Nearly Half of Organizations

The shift in devices used by today’s workforce has resulted in increases in cybersecurity concerns and incidents, despite a majority of orgs with defined BYOD programs in place.
Continue Reading

CyberheistNews Vol 12 #13 [Heads Up] Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online

[Heads Up] Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online   Email not displaying? | View Knowbe4 Blog   CyberheistNews Vol 12 #13  |   Mar. 29th., 2022 [Heads ...
Continue Reading

Email Conversation Hacking to Distribute Malware

Researchers at Intezer warn that attackers are hijacking email conversations to distribute the IcedID banking Trojan. This technique makes the phishing emails appear more legitimate and ...
Continue Reading

KnowBe4 and Okta Update

To start off, we do not use Okta in any of our products.
Continue Reading

Making Better Push-Based MFA

I used to be a huge fan of Push-Based Multifactor Authentication (MFA), but real-world use has shown that most of today’s most popular implementations are not sufficiently protective ...
Continue Reading

Buy Now, Pay Later Scams

Fraudsters are taking advantage of the buy-now, pay-later (BNPL) payment model, according to Jim Ducharme, COO of Outseer. On the CyberWire’s Hacking Humans podcast, Ducharme explained ...
Continue Reading

WIRED: "A Mysterious Satellite Hack Has Victims Far Beyond Ukraine"

WIRED wrote: "More than 22,000 miles above Earth, the KA-SAT is locked in orbit. Traveling at 7,000 miles per hour, in sync with the planet’s rotation, the satellite beams high-speed ...
Continue Reading

Fidelity: "Why cybersecurity is material to all industries"

Fidelity just published an article titled "Cybersecurity: A growing risk". They note that the threat of Russian cyberattacks highlights vulnerabilities across industries. I'm quoting a ...
Continue Reading

Repertoire of Ukraine Charity Phishing Scams

Scammers continue to exploit the crisis in Ukraine, according to researchers at Bitdefender. Over the past week, the researchers believe the fraudsters have adjusted their tactics in ...
Continue Reading

Initial Access Broker Group Relies on Social Engineering

Google’s Threat Analysis Group (TAG) describes a cybercriminal group it calls “EXOTIC LILY” that acts as an initial access broker for numerous financially motivated threat actors, ...
Continue Reading

Try the New Compliance Audit Readiness Assessment Today for the SSAE18 Framework

When it's time to complete a compliance audit, are you thinking, "Ugh, is it that time again?" And, as more organizations demand proof that  their data is protected in the cloud, keeping ...
Continue Reading

Number of Phishing Attacks Hits an All-Time High in 2021, Tripling That of Early 2020

New data from the Anti-Phishing Working Group shows cybercriminals are stepping on the gas, focusing phishing attacks on credential theft and response-based scams.
Continue Reading

Phishing Attack-Turned-Wire Fraud Case Sees a Win for the Policyholder

In an unusual turn of events, a recent court decision sided with the policyholder, despite specific policy language that probably should have favored the insurer.
Continue Reading

QakBot Banking Trojan Evolves and Now Takes Over Email Conversations to Spread Malware

As if stealing all your credentials, cookies, and email wasn’t bad enough, this new version of QakBot inserts itself into your emails, impersonating you to gain access to more victims.
Continue Reading

Phishing Scam with Fraudulent Invoice Costs City of Fresno Over $600,000

This simple invoice scam appears to be a part of a much broader campaign targeting municipalities, posing as existing subcontractors.
Continue Reading

Exploiting Trust in reCAPTCHA

Researchers at Avanan warn that attackers are using reCAPTCHAs on their phishing sites to avoid detection by security scanners.
Continue Reading

Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online

The video uploaded to a hacked Ukrainian news website shows how far the technology has come, how it can be used in social engineering, as well as how the tech still needs to improve.
Continue Reading

SMBs Are 350% More Likely to Experience Social Engineering Attacks Via Phishing

New data shows phishing, social engineering, and impersonation dominate as cybercriminals are becoming more frequent and successful with their attacks.
Continue Reading

CyberheistNews Vol 12 #12 [New White House Alert] Train Your Users Against Threat of Russian Cyberattacks

[New White House Alert] Train Your Users Against Threat of Russian Cyberattacks   Email not displaying? | View Knowbe4 Blog   CyberheistNews Vol 12 #12  |   Mar. 22nd., 2022 [New White ...
Continue Reading

[BREAKING] White House warns Russia is prepping possible cyberattacks against US

With the recent cyber-attacks between Russia and Ukraine and the current intelligence coming from the US Government, organizations want to shore up their defenses to reduce the risk of a ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews