Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

FBI: Ransomware gang breached 52 US critical infrastructure orgs

The US Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors.
Continue Reading

By the Way, There's No Draft - Smishing Campaign Alert

Scammers are sending phony text messages (aka Smishing or SMS Phishing) informing people in the US that they’ve been drafted by the US Army, according to Army Times.
Continue Reading

Log4j - Kevin Mitnick Explains One of the Most Serious Vulnerabilities in the Last Decade

The Log4j vulnerability caused widespread panic for IT professionals when it was uncovered. Sleepless nights followed for many. But a shortage of time and manpower has left this ...
Continue Reading

The Recent Log4J Vulnerability Equation: Remote Code Execution (RCE) + National Vulnerability Database (NVD) = 10.0

RCE. These three letters add increased levels of stress to cybersecurity professionals regarding vulnerabilities against their hardware or software within their risk management program.
Continue Reading

According to KnowBe4 Research's Q1 2022 Report: Shadow IT Is Real

Imagine needing to share a large PDF non-confidential document with a customer. It is too large to send via email, and recently you started using a cloud file sharing service to store ...
Continue Reading

Phishing Attacks Impersonating LinkedIn are up 232% in the Last Month Alone!

During the period the world has dubbed “the great resignation”, phishing scammers are shifting tactics to take advantage of those looking for a new career or place of employment.
Continue Reading

FBI: Scammers Take Business Email Compromise Attacks to Virtual Meeting Platforms

In a new twist on an old scam, BEC attacks switch from email to a virtual meeting where social engineering tactics are used to further establish credibility and increase the likelihood of ...
Continue Reading

CISA: 2021 Cyberattack Trends Indicate Increases in Global Ransomware Attacks

New advisory sees critical infrastructure once again in the crosshairs and makes critical recommendations to both protect against ransomware and to reduce its’ impact.
Continue Reading

Your KnowBe4 Fresh Content Updates from February 2022

Check out the 28 new pieces of training content added in February, alongside the always fresh content update highlights and new features.
Continue Reading

What It's Like to Be the Face of Romance (Scams)

A real US Army colonel named Daniel Blackmon is being impersonated in hundreds or even thousands of romance scams, according to Haley Britzky at Task & Purpose. The scammers took ...
Continue Reading

Gain Insight into Where Your Organization Stands with the Security Culture Maturity Model

We’re thrilled to introduce the Security Culture Maturity Model, the industry’s first maturity model specifically geared to measure security culture!
Continue Reading

Data Breach Volumes in the U.S. Grow by 10% in 2021

New data shows despite decreases in global data breach levels (-5%) in 2021, the U.S. experienced proportionally more data breaches than in the previous year.
Continue Reading

Timely “Help Ukraine” Online Crypto Scams Take in Millions

A new series of "help Ukraine" donation posts have sprouted up across the Internet, but are really a cryptocurrency scam enticing users send crypto donations to counterfeit addresses.
Continue Reading

FBI: SIM Swapping Attacks See More Than 500% Increases in The Number of Attacks and Monetary Losses

With mobile devices used as secondary authentication, threat actors have been stepping up activity, looking for ways to transfer phone numbers to cybercriminal-controlled devices.
Continue Reading

UK ICO Sees a Massive Increase in Targeted Email Attacks

New data obtained from the UK’s Information Commissioner’s Office by think tank Parliament Street shows an unprecedented rise in attacks against the UK’s information rights organization.
Continue Reading

Phishing Emails Warn of a Suspicious Login From Russia

Researchers at Malwarebytes warn that a phishing campaign is informing users that someone logged into their account from an IP address in Moscow. The email contains a button to report the ...
Continue Reading

CyberheistNews Vol 12 #09 [Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk

[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk Email not displaying? | View Knowbe4 Blog CyberheistNews Vol 12 #09 | Mar. 1st., 2022 [Heads Up] The Ukraine War ...
Continue Reading

Scammers Will Take Advantage of New IRS Rules

New IRS requirements will soon be used as phishbait, according to Gene Marks, owner of Marks Group PC and a columnist for the Guardian.
Continue Reading

Russia Could “Absolutely” Lash Out at US Through Cyber, Lawmaker Warns

NextGov reports: "Chairman Sen. Mark Warner, D-Va, gives an opening statement as FireEye CEO Kevin Mandia, SolarWinds CEO Sudhakar Ramakrishna and Microsoft President Brad Smith testify ...
Continue Reading

Wartime Suffering as Phishbait

It’s easy to forget, when a hybrid war like the one currently raging in Ukraine is occupying so much attention, that ordinary criminal lowlifes continue to seek victims, and the war only ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews