Expect to See Data Theft as Part of More Ransomware Attacks in the Future

Jul 17, 2020 11:40:52 AM By Stu Sjouwerman

With data theft currently experienced in 10% of ransomware attacks, experts predict this trend to increase as cyber criminals look for ways to ensure ransom payment.

Impermissible: Be Suspicious of Permission Requests

Jul 17, 2020 8:26:40 AM By Stu Sjouwerman

Users need to be wary of requests for information or permissions, even if they appear to come from legitimate sources, according to Don MacLennan, Senior Vice President of Engineering and ...

Like Twitter, MFA Will Not Save You!

Jul 16, 2020 1:24:50 PM By Roger Grimes

I’m sure we are all interested in the latest Twitter hack. As the author of the soon to be released Wiley book called Hacking Multifactor Authentication, I have to laugh at the “experts” ...

SEC Issues Warning on Increased Ransomware Attacks

Jul 15, 2020 2:28:04 PM By Stu Sjouwerman

The Securities and Exchange Commission, through its Office of Compliance Inspections and Examinations (OCIE), issued a warning to advisors and broker-dealers to “immediately” review their ...

KnowBe4 Finds Coronavirus-Themed Phishing Spiked in Q2 2020 [INFOGRAPHIC]

Jul 15, 2020 12:35:08 PM By Stu Sjouwerman

The latest results of KnowBe4's quarterly top-clicked phishing email subjects are in. We report on three different categories: social media related subjects, general subjects, and 'in the ...

Ragnar Locker Ransomware Attacks Energy Company, Potentially Stealing 10TB in Data

Jul 13, 2020 7:03:00 AM By Stu Sjouwerman

In a letter to customers, EDP Renewables North America CEO acknowledges the attack occurred back in April of this year, but claims “no evidence” of data theft exists.

Ransomware Attacks on Manufacturing Yield an Average Payout of $271K

Jul 13, 2020 7:00:00 AM By Stu Sjouwerman

New data shows just how much major industries are paying out to remediate successful ransomware attacks, despite guidance to never pay the ransom.

Back-to-School: a Buzzkill in More Ways than One

Jul 9, 2020 9:01:39 AM By Stu Sjouwerman

40% of the top twenty universities in the US aren’t using DMARC to mitigate phishing attacks that impersonate the universities’ domains, according to researchers at Tessian. Additionally, ...

[On-Demand Webinar] Hackers Exposed: Kevin Mitnick Shares His Tradecraft and Tools to Help You Hack Proof Your Network

Jul 9, 2020 8:27:47 AM By Stu Sjouwerman

Months of quarantine, transitioning to work from home, economic uncertainty, social and political turmoil… it’s easy to see why your employees are amped up, tense and distracted. And the ...

More Than 15 Billion Credentials Are For Sale in Criminal Markets

Jul 8, 2020 3:50:09 PM By Stu Sjouwerman

Researchers at Digital Shadows warn that there are more than 15 billion leaked login credentials for sale in online criminal marketplaces. This number is up 300% since 2018, and the ...

Microsoft Seizes Six Domains Used in Sophisticated Phishing Scheme

Jul 8, 2020 8:24:34 AM By Stu Sjouwerman

Microsoft announced that the US District Court for the Eastern District of Virginia has ruled that the company can seize six domains that were being used in a widespread phishing ...

KnowBe4’s Q2 2020 Year-Over-Year Sales Grow 25%

Jul 4, 2020 9:47:36 AM By Stu Sjouwerman

We announced on July 2nd that 2020's second quarter was 25% higher in sales than Q2 2019, and that we are nearing a staff of 1,000 and 33,000+ customers worldwide. KnowBe4 continues on a ...

June Content Update: Including New Roger Grimes Video Series on Data-Driven Defense

Jul 2, 2020 3:41:59 PM By Stu Sjouwerman

Here are a few important content updates to share with you for the month of June.

Looking for Binge-Worthy Viewing Options This Summer?

Jul 2, 2020 1:03:12 PM By Stu Sjouwerman

Looking for some binge-worthy watching this summer? We've got just what you're looking for! Check out this innovative new security awareness video series called ‘The Inside Man’.

A "Secure DNS" Scam: an Upgrade that's a Downgrade

Jul 1, 2020 8:27:47 AM By Stu Sjouwerman

A phishing campaign is targeting website owners with convincing, personalized emails that purport to come from WordPress, Naked Security reports. The emails claim that WordPress is ...

Phishing in Irish Streams

Jun 30, 2020 8:24:18 AM By Stu Sjouwerman

Netflix is warning users in Ireland to be on the lookout for another phishing campaign that’s impersonating the streaming service, Extra.ie reports. The emails inform recipients that ...

It's the Best of 2020! Cyber CSI: Learn How to Forensically Examine Phishing Emails to Better Protect Your Organization

Jun 29, 2020 3:10:24 PM By Stu Sjouwerman

Roger Grimes' lesson on how to forensically examine phishing emails received the highest viewer rating of any webinar so far this year. In case you missed it, make sure to watch this ...

60% of Organizations are Hit by Cyberattacks Spread by Their Own Employees

Jun 29, 2020 8:37:16 AM By Stu Sjouwerman

The unwitting participant appears to be alive and well, based on new data from security vendor Mimecast. With employees being the source of attack surface expansion, what’s an org to do?

New Sextortion Method Uses Social Engineering and Doxing To Identify and Target Victims

Jun 29, 2020 8:33:43 AM By Stu Sjouwerman

According to the SANS Internet Storm Center, cybercriminals are engaging their victims online, using social engineering tactics to collect needed details to extort money.

New Dropbox-Based Pandemic Relief Payment Scam Targets U.K. Microsoft 365 Users, Bypassing Email Security

Jun 29, 2020 8:30:45 AM By Stu Sjouwerman

Using a Dropbox Transfer page, this new scam presses all the urgency buttons while eluding detection as being malicious in an effort to steal the victim’s online credentials.

Security Awareness Training Blog

KnowBe4 Blog

View Topics