Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

KnowBe4 Unveils Official Trailer for ‘The Inside Man’ Season 4

We’re excited to announce the release of the official trailer for Season 4 of the award-winning Knowbe4 Original Series - ‘The Inside Man’!
Continue Reading

COVID-19 Test-Related Phishing Scams Jump 521% Into January

New data shows a massive increase between October 2021 and January 2022 in phishing attacks focusing on one of the world’s current concerns for home and in-office testing.
Continue Reading

8 New Malware Payloads Spotted As Part of Attacks Against Ukrainian Targets

Security Threat Researchers at Symantec have published details about malware being put out by the “Gamaredon” threat group (who have been tied to Russian Federal Security Service), ...
Continue Reading

New Phishing Campaign is Impersonating Zoom to Steal Credentials

A phishing campaign is impersonating Zoom in order to steal users’ Microsoft credentials, according to Lauryn Cash at Armorblox. The emails landed in about 10,000 inboxes, and targeted “a ...
Continue Reading

CyberheistNews Vol 12 #05 [Heads Up] DHS Sounds Alarm on New Russian Destructive Disk Wiper Attack Potential

CyberheistNews Vol 12 #05 | Feb. 1st., 2022 [Heads Up] DHS Sounds Alarm on New Russian Destructive Disk Wiper Attack Potential CNN just reported on a Jan 23 Intelligence Bulletin from the ...
Continue Reading

Beware of QuickBooks Payment Scams

Many small and mid-sized companies use Intuit’s very popular QuickBooks program. They usually start out using its easy-to-use base accounting program and then the QuickBooks program ...
Continue Reading

Increased “Shipping Delays” Now Served as Phishbait

Attackers are exploiting pandemic-related supply-chain disruptions to launch phishing campaigns, according to Troy Gill, senior manager of threat intelligence at Zix. In an article for ...
Continue Reading

KnowBe4 Continues to be One of Okta's Most Popular Apps in the 2021 Businesses at Work Report

We're pleased to announce that we have been featured in Okta's eighth edition of the "Business at Work" report. This report is an in-depth look into how organizations and people work ...
Continue Reading

[On-Demand Webinar] A Data-Driven Approach for Your Third-Party Risk Management Processes

As organizations have increased their scope of vendors and partners, they have also increased their digital risk surface and are facing new challenges regarding vendor risk management. By ...
Continue Reading

Microsoft Warns of Latest “Consent Phishing” Attack Intent on Reading Your Email

Rather than steal your user’s credentials, this latest attack takes the OAuth route to gain access to the victim’s mailbox. This gives cybercriminals continual access, regardless of ...
Continue Reading

Dark Web Service Sells Access to Compromised Accounts and Browser Sessions

When we hear about compromised credentials, there’s always the question of “How are they used post-compromise?” In one case, they are fully on display for sale to the highest bidder.
Continue Reading

Malicious Office Documents Jump to 37% of All Malware Downloads at the End of 2021

With the ubiquitous use of Microsoft Office today, it should come as no surprise that malicious macro-laden documents continue to reign, with PPT files delivering AgentTesla taking the ...
Continue Reading

[Heads Up!] DHS Sounds Alarm on New Russian Destructive Disk Wiper Attack Potential

CNN just reported on a Jan 23 Intelligence Bulletin from the US Department of Homeland Security (DHS) that warned state and local governments and critical infrastructure operators about ...
Continue Reading

Ransomware Operators Try to Recruit Insiders

Sixty-five percent of organizations report that their employees have been contacted by ransomware attackers in an attempt to recruit insider threats, according to researchers at Pulse and ...
Continue Reading

Irish Teaching Council Fined €60,000 for Phishing-Induced Breach

Ireland’s Teaching Council has been fined €60,000 by the country’s Data Protection Commission (DPC) over a breach of nearly ten thousand teachers’ data, the Irish Examiner reports. An ...
Continue Reading

2022 Continues The New Decade of Privacy

Privacy issues came about all across the board in 2020, 2021, and 2022 will be no different. From WhatsApp updating their terms of service and losing millions of users to countless ...
Continue Reading

[New Benchmarking Feature] Compare Your Organization’s Security Culture with Other Organizations in Your Industry

We are excited to announce that the KnowBe4 Industry Benchmarking feature has been expanded to now include industry benchmark comparison data for KnowBe4’s Security Culture Survey (SCS).
Continue Reading

A Generational Divide Among Social Engineering Victims

Younger and older people differ in their susceptibility to different types of social engineering attacks, according to researchers at Avast. Younger people tend to fall for scams ...
Continue Reading

FBI: US Defense Industry Organizations Targeted with USB-Based Ransomware Attacks

Using mailed out “BadUSB” drives as the initial attack vector, cybercriminals are attempting to infiltrate sensitive networks and infect them with BlackMatter or REvil ransomware strains.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews