[CASE STUDY] New-school Approach to Training and Simulated Phishing Shines Over Traditional LMS

Dec 12, 2022 1:49:34 PM By Stu Sjouwerman

A U.S.-based enterprise manufacturing organization cut their Phish-prone Percentage™ (PPP) by more than 80% after five months using the KnowBe4 security awareness training and simulated ...

[EYE OPENER] How ChatGPT Can Be Used For Social Engineering

Dec 10, 2022 10:12:36 AM By Stu Sjouwerman

ChatGPT could give Google a serious run for its money. We are not quite there yet, but the capabilities are rapidly improving. Just have a look at the command I gave it. In 5 seconds the ...

Incident Response Actions are Systematically Reversed by Hackers to Maintain Persistence

Dec 8, 2022 4:33:52 PM By Stu Sjouwerman

Analysis of attacks on two cellular carriers have resulted in the identification of threat actions designed to undo mitigations taken by security teams mid-attack.

New Modular Attack Chain Found That Allows Attackers to Change Payloads Mid-Breach

Dec 8, 2022 4:33:45 PM By Stu Sjouwerman

We’ve long known developers of cyberattacks to be crafty and focus a lot of energy on obfuscation, but a new attack can shift gears midstream, delivering just the right malware.

Scammer Group Uses Business Email Compromise to Impersonate European Investment Portals

Dec 8, 2022 8:58:00 AM By Stu Sjouwerman

A sophisticated scammer group has stolen at least €480 million from victims in France, Belgium, and Luxembourg since 2018, according to researchers at Group-IB. The gang uses a highly ...

[Eye Opener] Cybersecurity Resilience Emerges as Top Priority as 62% of Companies Say Security Incidents Impacted Business Operations

Dec 8, 2022 6:51:35 AM By Stu Sjouwerman

Cisco's annual Security Outcomes Report shows executive support for a security culture is growing. The report identifies the top seven success factors that boost enterprise security ...

Cyber Insurers Focus on Catastrophic Attacks and Required Minimum Defenses as Premiums Double

Dec 7, 2022 10:44:35 AM By Stu Sjouwerman

Recent attacks are helping cyber insurers better understand what security strategies need to be in place and how to price policies based on the risk those policies cover.

Archives Overtake Office Documents as the Most Popular File Type to Deliver Malware

Dec 7, 2022 10:44:32 AM By Stu Sjouwerman

Taking the lead over the use of Word, Excel, PDF, and other office-type documents in attacks, new data shows that files like ZIP and RAR have grown in popularity by 11% last quarter.

[On-Demand] Ransomware, Ransom-war and Ran-some-where: What We Can Learn When the Hackers Get Hacked

Dec 7, 2022 9:28:47 AM By Stu Sjouwerman

Ransomware strikes organizations almost every two seconds. Tales of bad actors doing their worst fill the InfoSec news cycle, but what happens when the hackers get hacked?

Russian Threat Actor Impersonates Aerospace and Defense Companies

Dec 7, 2022 8:54:58 AM By Stu Sjouwerman

A Russia-linked threat actor tracked as TAG-53 is running phishing campaigns impersonating various defense, aerospace, and logistic companies, according to The Record by Recorded Future. ...

Holiday Shopping Scams Online Are Too Good to be True

Dec 7, 2022 8:54:49 AM By James McQuiggan

It's three weeks before Christmas, and the latest video game console is getting harder and harder to find in stores. You've checked all the large retail stores online and visited them ...

CyberheistNews Vol 12 #49 [Keep An Eye Out] Beware of New Holiday Gift Card Scams

Dec 6, 2022 9:30:00 AM By Stu Sjouwerman

CyberheistNews Vol 12 #49 | December 6th, 2022 [Keep An Eye Out] Beware of New Holiday Gift Card Scams By Roger A. Grimes Every holiday season brings on an increase in gift card scams. ...

Credential Phishing with Apple Gift Card Lures

Dec 5, 2022 8:57:57 AM By Stu Sjouwerman

A phishing campaign is impersonating Apple and informing the user that their Apple account has been suspended due to an invalid payment method, according to researchers at Armorblox.

Inside NATO’s Efforts To Plan For A Future Cyberwar

Dec 4, 2022 9:22:13 AM By Stu Sjouwerman

Maggie Miller at Politico had the scoop: "TALLINN, Estonia — Some 150 NATO cybersecurity experts assembled in an unimposing beige building in the heart of Estonia’s snow-covered capital ...

New Threat Group Already Evolves Delivery Tactics to Include Google Ads

Dec 2, 2022 12:36:56 PM By Stu Sjouwerman

Delivering an equally new Royal ransomware, this threat group monitored by Microsoft Security Threat Intelligence has already shown signs of impressive innovation to trick victims.

Latest Netflix-Impersonated Phishing Attacks Surge in Frequency by 78% Since October

Dec 2, 2022 12:36:53 PM By Stu Sjouwerman

Using a mix of invisible and lookalike characters, this phishing attack attempts to get past security scanners by obfuscating both email content and domain names.

It’s Official: COVID-related Phishing is Dead as Scammers Return to Impersonating Famous Brands

Dec 2, 2022 12:36:50 PM By Stu Sjouwerman

New analysis of spam and malicious emails show the all but nonexistence of COVID-esque impersonation of government and pharm entities in lieu of international brands.

Ransomware Attacks on Holidays and Weekends Increase and Take a Greater Toll on Organizations

Dec 2, 2022 12:36:35 PM By Stu Sjouwerman

With 97% of U.S. organizations experiencing a ransomware attack over a weekend or on a holiday, the impacts on response and recovery time are material, including loss of revenue.

Your KnowBe4 Fresh Content Updates from November 2022

Dec 2, 2022 8:05:00 AM By Stu Sjouwerman

Check out the 55 new pieces of training content added in November, alongside the always fresh content update highlights and new features.

Spoofing-as-a-Service Site Taken Down

Dec 1, 2022 10:31:30 AM By Stu Sjouwerman

Law enforcement authorities across Europe, Australia, the United States, Ukraine, and Canada have taken down a popular website used by cybercriminals to impersonate major corporations in ...

Security Awareness Training Blog

View Topics