Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Volunteer Cyber Crime Fighters Band Together in New York

Kim Nash reported in the WSJ Pro CyberSecurity newsletter—which I warmly recommend, it is an excellent daily news update—that "more than 100 applicants seek to volunteer their ...
Continue Reading

KnowBe4 Acquires CLTRe; Shines Spotlight on Security Culture Measurement

I'm happy to announce our acquisition of CLTRe, which we feel demonstrates the importance of managing the human risk. We’re excited to welcome Kai and the CLTRe team to the KnowBe4 family ...
Continue Reading

[On-Demand Webinar] Empowering Your Human Firewall: The Art & Science of Secure Behavior

You know that "security awareness" is key to a comprehensive security strategy. But just because someone is aware doesn't mean they care. So how can you design programs that work with, ...
Continue Reading

“Hack for Hire” Groups Offer Single Account Break-In Services For Just $750

  Along with everything else malicious that’s available “as-a-Service”, the latest addition takes the burden of trying to initially hack an organization off of the plate of would-be ...
Continue Reading

Global GozNym Takedown Shows The Anatomy Of A Modern Cybercrime Supply Chain

By Javvad Malik, our new Security Awareness Advocate for EMEA. A multi-national collaborative law enforcement effort has arrested individuals allegedly behind Nymaim and Gozi, also known ...
Continue Reading

[PODCAST] Hacking Humans Live At KB4CON 2019

Last week, we had the pleasure of hosting the first ever live episode of the Hacking Humans podcast at KB4-CON in Orlando, where Kevin Mitnick and I teamed up with Dave Bittner and Joe ...
Continue Reading

Account Takeover Attacks Increase as Cybercriminals Fine-Tune Their Brand Impersonation, Social Engineering, and Phishing Skills

The latest Spear Phishing Report from Barracuda highlights how cybercriminals are systematically improving their game… and are becoming more successful for it. The capturing of user ...
Continue Reading

6 Signs You’ve Successfully Created a Security Culture

Security culture is much more than just IT policies and processes; it requires buy-in and participation from every user. Learn 6 ways to tell if you’re on the right path to building a ...
Continue Reading

What's Wrong With The New Bill That Proposes Cyber Security Training for U.S. House Members?

A bill introduced last week requires all members, officers and employees of the U.S. House of Representatives to undergo cybersecurity training.
Continue Reading

InfraGard Recommends User Education

Education is crucial in defending against evolving social engineering attacks, according to Jack Plaxe, president of the Kentucky InfraGard Alliance. During a presentation last week, ...
Continue Reading

Phishing Attacks Top Verizon’s List of Threat Actions Used in Data Breaches

Verizon’s latest Data Breach Investigations Report provides valuable insight into exactly how attacks are carried out, what tactics are working, and how users are helping.
Continue Reading

[Heads-Up] If This Is True It's A Disaster. Three Major US Antivirus Companies Breached? ***UPDATED

ARSTECHNICA is getting me worried here. We were all at KB4-CON in Orlando the last few days, and during the conference word got to me that security researchers found out that high-profile ...
Continue Reading

[Spoiler!] That Free Avengers: Endgame Download You Found Online? It’s a Scam!

The lure of watching the latest Avengers movie is enough motivation for some to fall for this scam aimed at collecting your credit card data.
Continue Reading

Half of SMBs Will Pay the Ransom in a Ransomware Attack

Despite the ability to properly protect against ransomware attacks, the latest data from AppRiver shows SMBs simply aren’t prepared to respond, and will, instead, pay up.
Continue Reading

Phishing Continues to Rise as Attacks Go Malwareless

Cybercriminals seem to be honing their craft, picking specific attack types, victim demographics, and methods, according to new data from the latest PhishLab’s report.
Continue Reading

Half of all 2020 Presidential Candidates are Susceptible to Impersonation Attacks

Recent analysis of the websites of 16 current presidential candidates indicate insufficient security to stop attackers from sending emails out impersonating the campaign.
Continue Reading

Russian cyberspies are using one hell of a clever Microsoft Exchange backdoor

A Russian cyber-espionage group has developed and has been using one of the most complex backdoors ever spotted on an email server, according to new research published by cyber-security ...
Continue Reading

Deepfake Videos – An Increasing Cyber Threat For Corporate Clients

Insurance Business Mag had an interesting take on your users being the victim of social engineering by deepfakes. Your cyber insurance policy is not likely to pay out in cases like this. ...
Continue Reading

KnowBe4 Fresh Content & Features Updates - April 2019

Check out the content and feature updates in the KnowBe4 platform for the month of April! NEW FEATURED CONTENT - STANDUPS 4 SECURITY We’re excited to highlight the release of the new ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews