One Out of 10 Threats Still Make It All the Way to the Endpoint

Dec 30, 2022 2:34:39 PM By Stu Sjouwerman

Despite good intentions, layered security measures, and efficacy claims by security solution vendors, new data shows that email-based threats are still getting all the way to the Inbox.

Your KnowBe4 Fresh Content Updates from December 2022

Dec 30, 2022 9:21:35 AM By Stu Sjouwerman

Check out the 36 new pieces of training content added in December, alongside the always fresh content update highlights and new features.

Phishing Activity Rose 130% in the Second Half of 2022, Representing Three-Quarters of All Email-Based Attacks

Dec 29, 2022 10:22:48 AM By Stu Sjouwerman

New data focused on cyberattacks in the second half of the year-to-date shows phishing taking the overwhelming lead as the initial attack vector of choice.

[Heads Up] Giant LastPass Breach Can Supercharge Spear Phishing Attacks

Dec 28, 2022 2:27:36 PM By Roger Grimes

By Roger A. Grimes. KnowBe4 recommends that everyone use a password manager to create and use strong passwords as a part of their password policy ...

CyberheistNews Vol 12 #52 [Heads Up] Top 10 Cyber Security Predictions for Next Year. Read It, This Is a Good One

Dec 28, 2022 9:30:15 AM By Stu Sjouwerman

[Eye Opener] Insurance policy doesn’t cover ransomware attack, Ohio Supreme Court says

Dec 28, 2022 7:15:35 AM By Stu Sjouwerman

Dec. 27, 2022, The Ohio Supreme Court ruled in favor of an insurance company, determining that its contract to cover any direct physical loss or damage to property did not encompass ...

Attackers Pose as Facebook Support Using Legitimate Facebook Posts to Bypass Security Solutions

Dec 27, 2022 9:24:49 AM By Stu Sjouwerman

Impersonating Facebook using its own platform against them, a new phishing attack takes advantage of victim’s inability to distinguish legitimate from illegitimate.

QBot Malware Attacks Use SVG files to Perform HTML Smuggling

Dec 27, 2022 9:20:16 AM By Stu Sjouwerman

QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows.

Microsoft Warns of Signed Drivers Being Used to Terminate AV and EDR Processes

Dec 22, 2022 4:17:28 PM By Stu Sjouwerman

The malicious abuse of several developer program accounts in Microsoft’s Windows Hardware Developer Program allowed threat actors to have malware evade detection.

The Number of Phishing Attacks Grows 15% in One Quarter, Reaching an All-Time High

Dec 22, 2022 9:44:33 AM By Stu Sjouwerman

New data shows that while ransomware remains somewhat flat, massive increases in business email compromise and response-based email attacks were seen last quarter.

New Polymorphic Wiper Malware Leaves Attacked Environments “Unrecoverable”

Dec 22, 2022 9:44:21 AM By Stu Sjouwerman

As an apparent method of political commentary on the war in Ukraine, the new Azov wiper uses a mix of intermittent overwriting and trojanizing Windows binaries to annihilate its’ victims.

Spear Phishing Campaign Targets Japanese Political Organizations

Dec 22, 2022 9:43:59 AM By Stu Sjouwerman

Researchers at ESET warn that a Chinese-speaking threat actor dubbed “MirrorFace” targeted Japanese political organizations with spear phishing emails in the run-up to the Japanese House ...

"How I lost my dog and almost my Google credentials..."

Dec 21, 2022 4:45:48 PM By Stu Sjouwerman

A well-trained Knowster posted: "I lost my dog this weekend and my mother in law was trying to be helpful and put my real phone number on a few social media posts she made. Now im getting ...

KnowBe4 Named a Leader in the Winter 2023 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR)

Dec 21, 2022 11:09:42 AM By Stu Sjouwerman

We are excited to announce that KnowBe4 has been named a leader in the Winter 2023 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for ...

KnowBe4 Named a Leader in the Winter 2023 G2 Grid Report for Security Awareness Training

Dec 21, 2022 11:09:40 AM By Stu Sjouwerman

We are thrilled to announce that KnowBe4 has been named a leader in the latest G2 Grid Report that compares Security Awareness Training (SAT) vendors based on user reviews, customer ...

Ivanti Report Shows Cybersecurity Practitioners Concentrating on Right Threats

Dec 21, 2022 9:25:23 AM By Roger Grimes

A recent Ivanti report shows cybersecurity practitioners getting more focused on the threat landscape, but defenders may need to hone their attention to focus on the right threats.

’Tis the season for Scam-Folly Fa La La La La

Dec 21, 2022 8:59:45 AM By Anna Collard

The festive season is my favorite time of the year. It is a time to celebrate and reconnect with our family, friends and community and the one time in the year where the whole country ...

XLL Files Used to Deliver Malware

Dec 21, 2022 8:59:29 AM By Stu Sjouwerman

Attackers are using XLL files to embed malicious code in Office documents, according to researchers at Cisco Talos. Microsoft is phasing out the ability to execute VBA macros in Office ...

CyberheistNews Vol 12 #51 [Ughh] The FBI's Trusted Threat Sharing 'InfraGard' Network Was Hacked

Dec 20, 2022 9:30:00 AM By Stu Sjouwerman

Now BEC Attacks Steal Physical Goods

Dec 20, 2022 8:49:21 AM By Stu Sjouwerman

The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) have released a joint ...

Security Awareness Training Blog

View Topics