What Happens to an Organisation When It Has No Security Culture?

Oct 31, 2022 3:44:21 PM By Jacqueline Jayne

Let’s begin by looking at what culture is and why it matters. Culture is tacit and elusive in its very nature. It is often unspoken, based on behaviours, hidden in the thoughts and minds ...

Australia's Lacking Cybersecurity Workforce Results to a Influx in Attacks

Oct 31, 2022 10:48:40 AM By Stu Sjouwerman

Australia has now become the newest target for attacks in part due to an overworked cybersecurity workforce that is not able to stop these bad actors.

[WARNING] Micro Transactions Lead to a Drained Bank Account

Oct 31, 2022 10:48:31 AM By Stu Sjouwerman

Our friend R. Friederich at Marshalsec sent us this warning...

LinkedIn Phishing Attack Bypassed Email Filters Because it Passed Both SPF and DMARC Auth

Oct 31, 2022 10:43:11 AM By Stu Sjouwerman

Researchers at Armorblox have observed a phishing campaign impersonating LinkedIn. The emails inform the user that their LinkedIn account has been suspended due to suspicious activity.

[EYE OPENER] Phishing Attacks 61% Up Over 2021. A Whopping 255 Million Attacks This Year So Far

Oct 30, 2022 1:17:04 PM By Stu Sjouwerman

Security Magazine wrote this week about the recent eye opening SlashNext State of Phishing report. "SlashNext analyzed billions of link-based URLs, attachments and natural language ...

The Number of Vulnerabilities Associated with Ransomware Grows 426% Over Three Years

Oct 28, 2022 2:30:00 PM By Stu Sjouwerman

With only 57 vulnerabilities tied to ransomware back in 2019, the most recent data from security vendor Ivanti shows that number predicted to be over 300 by the end of 2022.

Ransomware Attacks Via RDP Drop Significantly as Phishing Continues to Dominate

Oct 28, 2022 2:13:03 PM By Stu Sjouwerman

Since 2018, remote desktop compromise (RDP) and phishing have battled for dominance as the primary initial attack vector in ransomware attacks. The latest data shows that RDP is no longer ...

Over Two-Thirds of Organizations Have No Ransomware-Specific Incident Response Playbook

Oct 28, 2022 10:16:34 AM By Stu Sjouwerman

A newly released report on ransomware preparedness shows organizations are improving their security stance in comparison to last year, but overall still aren’t doing enough.

Your KnowBe4 Fresh Content Updates from October 2022

Oct 28, 2022 8:00:00 AM By Stu Sjouwerman

Check out the 29 new pieces of training content added in September, alongside the always fresh content update highlights and new features.

Stolen Devices and Phishing

Oct 27, 2022 10:08:53 AM By Stu Sjouwerman

Researchers at Cyren describe a phishing attack that resulted from the theft of a stolen iPad. The iPad was stolen on a train in Switzerland, and briefly appeared on Apple’s location ...

[APPLY TODAY] Security Awareness Training Eligible for $185 Million DHS Cybersecurity Grant Opportunity

Oct 26, 2022 2:58:36 PM By Stu Sjouwerman

The Department of Homeland Security (DHS) is providing $185 million of grant money this year to U.S. states and territories to bolster their cybersecurity defenses, which includes ...

KnowBe4 Top-Clicked Phishing Email Subjects for Q3 2022 [INFOGRAPHIC]

Oct 26, 2022 2:31:34 PM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects globally clicked on in ...

Passkeys Are Being Pushed in a Big Way

Oct 26, 2022 10:58:37 AM By Roger Grimes

There is a good chance that you and nearly everyone else will be using passkeys in the near future.

Don’t Let High-Tech Distract You from Low-Tech

Oct 26, 2022 10:58:13 AM By Stu Sjouwerman

Deepfakes, the realistic and thoroughly convincing fabrication of imagery, video, and audio that fakes the identity of some person in ways that are difficult to detect, have aroused ...

CyberheistNews Vol 12 #43 [Heads Up] This New Strain of Fake Ransomware Is Sloppy but Dangerous

Oct 25, 2022 9:30:00 AM By Stu Sjouwerman

[Eye Opener] Work In IT? You Get Attacked Much More Than Other Employees

Oct 24, 2022 3:17:13 PM By Stu Sjouwerman

We received an interesting email from Elevate Security you need to be aware of. Their recent research showed: "Social engineering attacks are growing more sophisticated every day, ...

Major UK Outsourcer Hit With Multi-Million Dollar Fine Due to a Phishing Attack

Oct 24, 2022 1:58:54 PM By Stu Sjouwerman

Britain's data watchdog has fined major construction group Interserve with a £4.4m fine. This was due to a cyber attack stole personal and financial details for over 113,000 employees and ...

Phishing for Student Email Accounts

Oct 24, 2022 9:23:57 AM By Stu Sjouwerman

University student accounts are being exploited for business email compromise. Researchers at Avanan have observed a rise in attacks that compromise legitimate college student accounts in ...

BazarCall Expands Callback Phishing Campaigns to Include More Support Sites and Malicious Tactics

Oct 21, 2022 1:59:44 PM By Stu Sjouwerman

The king of callback phishing campaigns has evolved their methods to include better phishing emails, phone call scams, and final payloads to ensure they achieve their malicious goals.

New Credential Harvesting Scam Impersonates Google Translate to Trick Victims

Oct 21, 2022 1:59:35 PM By Stu Sjouwerman

In an interesting twist, this latest scam identified by security researchers at Avanan attempts to establish legitimacy by making the victim think the logon page is being translated.

Security Awareness Training Blog

View Topics