Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Trezor Crypto Wallet Attacks Results in Class Action Lawsuit Against MailChimp Owner Intuit

Months after the MailChimp data breach targeting 102 companies in the crypto sector, a new lawsuit has been filed seeking millions of dollars in damages.
Continue Reading

Happy Credit Union Customers Become the Target of Spoofing Scams Due to a Lack of Email Security

Taking advantage of heightened levels of customer trust and satisfaction, along with lowered levels of properly implemented security, credit unions are seeing a rise in email-based scams.
Continue Reading

European Wind-Energy Sector Is the Latest Target of Russian State-Sponsored Attacks

While Russia consistently denies any launching of cyberattacks, attack details point to reasonable intent by and cybercriminal ties to the Russian government.
Continue Reading

Beware of Spoofed Vanity URLs

Researchers at Varonis warn that attackers are using customizable URLs (also known as vanity URLS) on SaaS services to craft more convincing phishing links. The attackers have used this ...
Continue Reading

KnowBe4 Earns 2022 Top Rated Award from TrustRadius

We are proud to announce that TrustRadius has recognized KnowBe4 with a 2022 Top Rated Award.
Continue Reading

Another Report of SEO in Phishing

Researchers at Netskope have observed a 450% increase in phishing downloads over the past twelve months, largely driven by attackers using SEO (search engine optimization) to improve the ...
Continue Reading

Mustang Panda Uses Spear Phishing to Conduct Cyberespionage

The China-based threat actor Mustang Panda is conducting spear phishing campaigns against organizations in NATO countries and Russia, as well as entities in the US and Asia, according to ...
Continue Reading

CyberheistNews Vol 12 #19 [Heads Up] There is a New Type of Phishing Campaign Using Simple Email Templates

Tricky SMTP Relay Email Spoofing. Man Convicted For 23M Phishing Scam. Email not displaying? | View Knowbe4 Blog CyberheistNews Vol 12 #19 | May 10th, 2022 [Heads Up] There is a New Type ...
Continue Reading

Wave of Crypto Muggings Hits London's Financial District

Criminals in London are targeting digital currency investors on the street in a wave of “crypto muggings”, with victims reporting that thousands of pounds were stolen from their crypto ...
Continue Reading

Business Email Compromise Shouldn’t Be the Cost of Doing Business

The FBI last week published a public service announcement updating its warnings about the continuing threat of business email compromise (BEC, also called CEO fraud). The problem has ...
Continue Reading

10 of the Craziest Cyberattacks Seen In the Wild and How You Can Avoid Them

It feels like we hear about a new devastating cyberattack in the news every day. And attack methods seem to be proliferating at an exponential rate. So, which tactics should you be aware ...
Continue Reading

Your KnowBe4 Fresh Content Updates from April 2022

Check out the 67 new pieces of training content added in April, alongside the always fresh content update highlights and new features.
Continue Reading

Cozy Bear Goes Typosquatting

Researchers at Recorded Future’s Insikt Group warn that the Russian threat actor NOBELIUM (also known as APT29 or Cozy Bear) is using typosquatting domains to target the news and media ...
Continue Reading

Microsoft is Leading the Way to a Password-Less Future

As we observe World Password Day to create awareness around the need for password security, Microsoft is looking for frictionless ways to eliminate passwords entirely.
Continue Reading

SMTP Relay Email Spoofing Technique

Researchers at Avanan have observed a surge in phishing emails that abuse a flaw in SMTP relay services to bypass email security filters.
Continue Reading

89% of Organizations Experienced One or More Successful Email Breach Types During the Last 12 Months

With the number of email breaches per year almost doubling in the last three years, organizations still don’t see email security solutions as being an effective means of stopping attacks.
Continue Reading

FIN12 Threat Group Speeds Up Ransomware Attacks to Just Two Days After Initial Access

As detection times are reducing across the board, threat groups are improving their craft and are prioritizing speed as the key ingredient in ransomware attacks.
Continue Reading

Organizations Have a 76% Likelihood of a Successful Cyberattack in the Next Year

New data from TrendMicro and Ponemon shows how almost organizations globally are not fully prepared for the looming threat of almost-certain cyberattacks.
Continue Reading

Man Convicted for $23 Million Phishing Scam Against the US DoD

A man in California has been convicted for stealing $23.5 million from the US Department of Defense in a phishing attack. The Justice Department explained in a press release that the man, ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews