Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

CyberheistNews Vol 13 #03 [Eye Opener] Password Managers Can Be Hacked Lots of Ways and Yes, You Should Still Use Them

Jan 17, 2023 9:00:00 AM By Stu Sjouwerman
Continue Reading

Spear Phishing Campaign Targets Southeast Asia

Jan 17, 2023 8:52:07 AM By Stu Sjouwerman
Researchers at Group-IB are tracking a previously unknown threat actor dubbed “Dark Pink” that’s using spear phishing attacks to target government, military, and religious organizations. ...
Continue Reading

Cybercriminals Mimic Victim Website to Publish Exfiltrated Data on the Public Web

Jan 17, 2023 8:51:59 AM By Stu Sjouwerman
In a new twist, threat actors use a typo squatted domain name to increase the chances that stolen data will be seen by the general public after not being paid the ransom.
Continue Reading

Government, Higher Ed, School Districts, and Healthcare Continue to be Victims of Ransomware Attacks

Jan 17, 2023 8:51:52 AM By Stu Sjouwerman
An analysis of the publicly-accessible data on ransomware attacks shows that these sectors that were a primary target of ransomware in 2021 continued as targets in 2022 to the same degree.
Continue Reading

Cyberinsurer Beazley Introduces a $45M Cyber Catastrophe Bond to Offset Risk

Jan 17, 2023 8:51:45 AM By Stu Sjouwerman
In a move designed to protect the insurer and allow for more cyber policies to be issued, this bond is new to cyberinsurance, but not to insurers as a whole.
Continue Reading

KB4-CON 2023 Agenda is Now Available!

Jan 17, 2023 8:40:44 AM By Stu Sjouwerman
Exciting news! We just released our full conference agenda for KB4-CON 2023, happening April 24-26 in Orlando, Florida. We’ve brought back some of your favorite sessions and have some new ...
Continue Reading

Is Your Organization’s Password Complexity Requirement Strong Enough? Probably Not

Jan 17, 2023 8:15:27 AM By Roger Grimes
Is your organization’s password complexity strong enough?
Continue Reading

[INFOGRAPHIC] PhishER by the Numbers

Jan 16, 2023 9:22:16 AM By Stu Sjouwerman
PhishER, KnowBe4’s industry-leading Security Orchestration, Automation and Response (SOAR) platform, takes an otherwise complicated and inefficient threat management workflow and allows ...
Continue Reading

[New Feature] Continuously Monitor for Any Detected Password Vulnerabilities Within Your User Base with PasswordIQ

Jan 16, 2023 9:21:53 AM By Stu Sjouwerman
We’re thrilled to announce that the power of KnowBe4’s most popular free password security tool has been brought to your KnowBe4 console as a new feature!
Continue Reading

Check Point Software: "2022 Saw A Huge Rise In Cyberattacks"

Jan 16, 2023 8:42:12 AM By Stu Sjouwerman
Techradar reported that cyberattacks saw a significant rise in 2022, mostly due to the increase in organizations going virtual to combat the effects of the Covid-19 pandemic, and the rise ...
Continue Reading

[Ache In the Head] The Problems With Your Not-So-Secure Email Gateway

Jan 14, 2023 9:59:24 AM By Stu Sjouwerman
I have been doing some research on Secure Email Gateways. The picture is not that pretty. Below I will summarize what I found.
Continue Reading

[Heads Up] Phishing Attacks Are Now The Top Vector For Ransomware Delivery

Jan 13, 2023 6:57:21 AM By Stu Sjouwerman
Phishing attacks are now the top vector for ransomware delivery, according to researchers at Digital Defense. Phishing emails can be highly tailored to specific employees in order to ...
Continue Reading

Government Workers as Phishing Targets

Jan 12, 2023 8:56:34 AM By Stu Sjouwerman
Government workers are prime targets for social engineering attacks, according to Kaitlyn Levinson at GCN. Attackers use different tactics to target government employees in specific ...
Continue Reading

21% of federal agency passwords cracked in their security audit

Jan 11, 2023 10:38:29 AM By Stu Sjouwerman
Some excellent work here. An internal US Government agency audit showed that a fifth of passwords were easy to crack. Their recently published study showed that hashes for well over ...
Continue Reading

Italian Cybercriminal Pleads Guilty to Phishing for Book Manuscripts

Jan 11, 2023 9:28:06 AM By Stu Sjouwerman
An Italian citizen named Filippo Bernardini has pleaded guilty in New York to stealing more than a thousand unpublished book manuscripts from various well-known authors. The targeted ...
Continue Reading

Password Managers Can Be Hacked Lots of Ways and Yes, You Should Still Use Them

Jan 10, 2023 4:43:49 PM By Roger Grimes
The recent hack (at least 7th) of the LastPass password manager has lots of people wondering if they should use a password manager.
Continue Reading

CyberheistNews Vol 13 #02 [Bad Taste] There Is a New Trend in Social Engineering With a Disgusting Name; 'Pig-butchering'

Jan 10, 2023 9:00:00 AM By Stu Sjouwerman
Continue Reading

The Good, the Bad and the Truth About Password Managers

Jan 9, 2023 10:36:23 AM By Stu Sjouwerman
We strongly recommend that you use a password manager to reduce password reuse and improve complexity, but you may be wondering if it’s really worth the risk. Is it safe to store all of ...
Continue Reading

Phishing in the Service of Espionage

Jan 9, 2023 9:14:12 AM By Stu Sjouwerman
Reuters describes a cyberespionage campaign carried out by the hitherto little-known threat group researchers track as "Cold River." The group is circumstantially but convincingly linked ...
Continue Reading

A Look Back at Mobile Government Cyberattacks Shows Increased Attacks and Weaker Security

Jan 6, 2023 2:43:01 PM By Stu Sjouwerman
A rise in the reliance on unmanaged mobile devices, matched with a lack of patching and increased attacks seeking solely to steal credentials was a perfect storm for government.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews