KnowBe4

Security Awareness Training Blog

IT Security Blog

Get the most current news about the IT Security industry, what the latest threats are and what that means to security professionals.

Interesting info on phishing and social engineering on 60 minutes

Last weekend, 60-minutes had a special about the NSA which spoke out on Snowden and spying. The headline was: "The NSA gives unprecedented access to the agency's HQ and, for the first ...
Continue Reading

Your AntiVirus Does Not See NSA's Botnet

The revelations are getting wilder by the week. The NSA has its own botnet, they infected more than 50,000 computer networks worldwide with malicious software designed to steal sensitive ...
Continue Reading

5 Easy Steps To Create Strong Passwords

5 Easy Steps To Create Strong Passwords First, some Hints and Tips: * Keep your passwords private – never share a password with anyone else. * Do not write down your passwords.  * Use ...
Continue Reading

A Serious Legal Liability: Bad or No Security Awareness Training

Please read this article and then forward it to the head of your legal department or the person in your organization who is responsible for compliance. Recently, the Department of Health ...
Continue Reading

What's Next for IT Debate #3 Does Infrastructure Really Matter?

You can see and hear me September 17th at 1pm, 10am PT. The subject is: "Does Infrastructure Really Matter -- What clients don't know can hurt them"
Continue Reading

April 8, 2014: WinXPGeddon

If you still run Windows XP April 2014, you've got a timebomb on your hands if that system is still connected to the Internet. Stand-alone systems are a bit less of a risk. 
Continue Reading

Spear-phishing attackers vandalize CNN, TIME and Wash Post

You would think that by now journalists and people in media and advertising would be on the alert for social engineering red flags. But no. Syrian hacktivists sent a spear-phishing attack ...
Continue Reading

Liberty and Security - it's not an either/or choice

My good friend Mac Graham just sent me this article that I think is thoughtful, balanced and provides a very interesting solution for this "Liberty versus Security" problem.  (Full ...
Continue Reading

Congressional Aides Targeted By Spear-phishing Attacks

Image Credit: Reuters/Cary Cameron
Continue Reading

The One Security Technology That Actually Works: Application Control

July 16, 2013, Roger Grimes wrote an article in InfoWorld that was straight out of my mind. He said: "Antivirus, perimeter defense, and network monitoring are jokes. But whitelisting ...
Continue Reading

System Administrator Appreciation Day Is Coming Soon!

I wanted to make sure everyone was aware of an important, upcoming holiday. No, it is not the 4th of July (although that is almost here, too)... it's System Administrator Appreciation ...
Continue Reading

POLL: "YOU are in IT. Is it OK what the NSA is doing?"

A new Washington Post-Pew Research Center poll asked Americans if they consider the NSA's practice of obtaining telephone calls and email through secret court orders "acceptable." As the ...
Continue Reading

The Seven Deadly Social Engineering Vices

(updated June 17, 2015) You may not be aware that there is a scale of seven deadly vices connected to social engineering. The deadliest social engineering attacks are the ones that have ...
Continue Reading

CyberheistNews Vol 3 #20

      Latest Attack Trend: 'Persistent Spear Phishing'
Continue Reading

Don't Get Hijacked On Social Media

John Mello over at Chief Security Magazine wrote today: "Online social networkers invite data marauders to compromise their accounts by choosing a convenient but risky option offered by ...
Continue Reading

CyberheistNews Vol 3, # 19

CyberheistNews Vol 3, # 19     Fraud-as-a-service Goes Mainstream
Continue Reading

REVIEWS: Kevin Mitnick Home Internet Security Course

Now that the Kevin Mitnick Home Internet Security Course is released and commercially available we thought you might be interested in hearing what people tell us when we ask them what ...
Continue Reading

Automated Twitter DM Spear Phishing

Automated Twitter DM Spear Phishing. It was to be expected. Cyber criminals now are able to scrape your followers from Twitter, and send you a Direct Message (DM) supposedly coming from ...
Continue Reading

The Problem With Our Security Models

Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews