Despite a Majority of Organizations Believing They’re Prepared for Cyber Attacks, Half Were Still Victims

Apr 27, 2023 8:07:48 AM By Stu Sjouwerman

A new survey points to an overconfidence around organization’s preparedness, despite admitting to falling victim to ransomware attacks – in some cases multiple times.

Organizations Have No Idea of a Data Breach’s Root Cause in 42% of Reported Cases

Apr 27, 2023 8:07:38 AM By Stu Sjouwerman

New data shows how poorly organizations are at identifying – let alone removing – an attacker's foothold, putting themselves at continued risk of further attacks and data breaches.

Recruiting Money Mules

Apr 26, 2023 4:28:05 PM By Stu Sjouwerman

Money mules play a subordinate but important role in the criminal economy. They’re used to move stolen funds around, a low-level version of illicit remittance and money laundering. ...

Fake Meta Tech Support Profiles for Fraud

Apr 26, 2023 8:06:56 AM By Stu Sjouwerman

Researchers at Group-IB have found an extensive campaign in which criminal operators have created a large number of fake Facebook profiles that repost messages in which the scammers ...

CyberheistNews Vol 13 #17 [Head Start] Effective Methods How To Teach Social Engineering to an AI

Apr 25, 2023 9:00:00 AM By Stu Sjouwerman

CyberheistNews Vol 13 #17 | April 25th, 2023 [Head Start] Effective Methods How To Teach Social Engineering to an AI Remember The Sims? Well Stanford created a small virtual world with 25 ...

Another Perspective on ChatGPT's Social Engineering Potential

Apr 24, 2023 3:54:51 PM By Stu Sjouwerman

We’ve had occasion to write about ChatGPT’s potential for malign use in social engineering, both in the generation of phishbait at scale and as a topical theme that can appear in lures. ...

FBI Warns of Sextortion Scams that Yield a New Equally Scam-Like Service: Sextortion Assistance

Apr 21, 2023 3:45:11 PM By Stu Sjouwerman

A FBI bulletin highlights a new twist in the sextortion game: companies claiming to assist with addressing sextortion who use deceptive social engineering tactics to coerce victims into ...

Phishing for Credentials in Social Media-Based Platform Linktree

Apr 21, 2023 8:14:44 AM By Stu Sjouwerman

Social media is designed of course to connect, but legitimate modes of doing so can be abused. One such case of abuse that’s currently running involves Linktree, a kind of meta-medium for ...

More Companies with Cyber Insurance Are Hit by Ransomware Than Those Without

Apr 20, 2023 8:22:15 AM By Stu Sjouwerman

In an interesting twist, new data hints that organizations with cyber insurance may be relying on it too much, instead of shoring up security to ensure attacks never succeed.

OpenAI Transparency Report Highlights How GPT-4 Can be Used to Aid Both Sides of the Cybersecurity Battle

Apr 20, 2023 8:22:08 AM By Stu Sjouwerman

The nature of an advanced artificial intelligence (AI) engine such as ChatGPT provides its users with an ability to use and misuse, potentially empowering both security teams and threat ...

Nearly One-Half of IT Pros are Told to Keep Quiet About Security Breaches

Apr 20, 2023 8:21:59 AM By Stu Sjouwerman

At a time when cyber attacks are achieving success in varying degrees and IT pros are keeping quiet about resulting breaches, there is one specific type of attack that has them most ...

Phishing Email Volume Doubles in Q1 as the use of Malware in Attacks Slightly Declines

Apr 20, 2023 8:21:53 AM By Stu Sjouwerman

New data shows that cybercriminals started this year off with a massive effort using new techniques and increased levels of attack sophistication.

Guarding Against AI-Enabled Social Engineering: Lessons from a Data Scientist's Experiment

Apr 19, 2023 1:26:59 PM By Stu Sjouwerman

The Verge came out with an article that got my attention. As artificial intelligence continues to advance at an unprecedented pace, the potential for its misuse in the realm of ...

That Email Isn’t from the New Jersey Attorney General

Apr 19, 2023 9:07:12 AM By Stu Sjouwerman

Earlier this month, state employees in the US state of New Jersey began receiving emails that falsely represented themselves as originating with the state’s attorney general.

KnowBe4 Named a Leader in the Spring 2023 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR)

Apr 19, 2023 8:00:00 AM By Stu Sjouwerman

We are excited to announce that KnowBe4 has been named a leader in the Spring 2023 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for ...

[Arm and a Leg] Cyber Insurers Are Worried About The Long-tail Cost of Attacks

Apr 18, 2023 2:43:56 PM By Stu Sjouwerman

[BUDGET AMMO] James Rundle at The Wall Street Journal today published a very interesting article about the long-term costs of cyber attacks and the fact that cyber insurers are getting ...

London NatWest Bank Warns Customers of Alarming Impersonation Scams

Apr 18, 2023 10:08:43 AM By Stu Sjouwerman

National Westminster Bank, the London-based bank familiarly known as NatWest, has warned its customers to be on the alert for emails pretending to be from NatWest, but which in fact are ...

KnowBe4 Named a Leader in the Spring 2023 G2 Grid Report for Security Awareness Training

Apr 18, 2023 9:59:00 AM By Stu Sjouwerman

We are thrilled to announce that KnowBe4 has been named a leader in the latest G2 Grid Report that compares Security Awareness Training (SAT) vendors based on user reviews, customer ...

CyberheistNews Vol 13 #16 [Finger on the Pulse]: How Phishers Leverage Recent AI Buzz

Apr 18, 2023 9:00:00 AM By Stu Sjouwerman

CyberheistNews Vol 13 #16 | April 18th, 2023 [Finger on the Pulse]: How Phishers Leverage Recent AI Buzz Curiosity leads people to suspend their better judgment as a new campaign of ...

Indian Rail Passenger Ticketing Platform Warns of Online Fraud

Apr 17, 2023 11:39:56 AM By Stu Sjouwerman

The Indian Railway Catering and Tourism Corporation (IRCTC), described as “a popular platform used by a significant number of Indians for booking train tickets,” has cautioned users about ...

Security Awareness Training Blog

View Topics