Human Risk Management Blog

Identity at the Edge: How the Sixth Annual Identity Management Day Highlights the New Frontiers of Trust

Dr. Kawin Boonyapredee — Fri, 17 Apr 2026 13:00:01 GMT

Each year, Identity Management Day (IMD) serves as a global reminder that managing digital identities is more than a technical requirement; it is a cornerstone of modern trust. Now in its sixth year, IMD continues to emphasize how identity itself is evolving, stretching beyond human users to encompass machines, automated agents, and even AI-generated personas.

CyberheistNews Vol 16 #15 Anthropic's Mythos Is Not Just a Tool. It's Something You Have to Contain.

KnowBe4 Team — Tue, 14 Apr 2026 13:30:00 GMT

New KnowBe4 Agent Risk Manager Addresses Pervasive AI Agent Risk

KnowBe4 Team — Tue, 14 Apr 2026 12:00:00 GMT

By Roger A. Grimes and Matthew Duren

Anthropic's Mythos Preview: Why the Human Layer Matters More, Not Less

Martin Kraemer — Mon, 13 Apr 2026 21:47:10 GMT

The human layer is not impacted by Anthropic's Mythos Preview announcement. If anything, it is reinforced, and for reasons that deserve to be spelled out clearly.

New Phishing Kit Streamlines ClickFix Attacks

KnowBe4 Team — Mon, 13 Apr 2026 13:00:03 GMT

A new commodity phishing kit called “Venom Stealer” allows threat actors to automate ClickFix attacks, according to researchers at BlackFog. ClickFix is a social engineering technique that tricks users into executing malicious commands on their computer, usually resulting in malware installation.

Phishing Campaign Targets Japanese Firms During Tax Season

KnowBe4 Team — Fri, 10 Apr 2026 17:45:00 GMT

A criminal threat actor called “Silver Fox” is launching tax-themed phishing attacks against Japanese companies during the country’s tax season, according to researchers at ESET.

Rising Compliance Oversight Pressure: From Audit Fatigue to Continuous Readiness

KnowBe4 Team — Fri, 10 Apr 2026 13:00:02 GMT

Public sector cybersecurity leaders are no longer measured solely on whether they stop attacks, they are measured on whether they can prove it. Across federal, state, local and education environments, compliance obligations continue to expand. Frameworks and mandates include:

AI Phishing Attack Prevention Strategies: How AI Identifies and Limits Human Risk

KnowBe4 Team — Thu, 09 Apr 2026 17:00:00 GMT

AI is making phishing attacks easier to create and scale. Tasks that once required manual effort can now be automated, allowing attackers to generate realistic messages, launch campaigns, and adapt tactics quickly to evade security controls. In fact, KnowBe4’s 2025 Phishing Threat Trends Report found that more than 73% of phishing emails analyzed in 2024 showed signs of AI involvement.

Phishing Campaign Impersonates Palo Alto Networks Recruiters

KnowBe4 Team — Thu, 09 Apr 2026 13:00:01 GMT

Threat actors are impersonating Palo Alto Networks recruiters to target job seekers, according to researchers with Palo Alto’s Unit 42 security team. “These attacks specifically target senior-level professionals by leveraging scraped LinkedIn data to craft highly personalized lures,” the researchers write.

Voice Phishing is a Growing Social Engineering Threat

KnowBe4 Team — Wed, 08 Apr 2026 13:00:04 GMT

Voice phishing (vishing) overtook email-based phishing as a top initial intrusion vector in 2025, according to a new report from Mandiant. Notably, vishing is live and interactive, giving the attacker more control over the social engineering objectives.