Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now
Oct 23, 2025 2:00:00 PM By KnowBe4 Team

Phishing Campaign Impersonates Password Managers

A phishing campaign is impersonating LastPass and Bitwarden with phony breach notifications, BleepingComputer reports.

Aug 28, 2025 4:00:00 PM By KnowBe4 Team

New Phishing Kit Bypasses MFA to Steal Microsoft 365 Credentials

Attackers are using a newly discovered phishing-as-a-service (PhaaS) platform dubbed “Salty 2FA” to target a wide range of industries across North America and Europe, according to ...

May 19, 2025 4:43:03 PM By KnowBe4 Team

Warning: Phishing Kits Can Auto-Generate Tailored Login Pages

Commodity phishing kits are increasingly serving dynamically generated phishing pages, according to researchers at ESET.

May 9, 2025 2:26:01 PM By Roger Grimes

You Are Still Vulnerable to Password Attacks When Using Passkeys

Just because you’re using a passkey doesn’t mean your password is gone.

Oct 3, 2024 11:58:15 AM By Roger Grimes

Don’t Put Real Answers Into Your Password Reset Questions

This recent article on how a hacker used genealogy websites to help better guess victims' password reset answers made it a great time to share a suggestion: Don’t answer password reset ...

Jan 29, 2024 2:45:47 PM By Stu Sjouwerman

Identify Weak User Passwords With KnowBe4’s Enhanced Weak Password Test

Passwords are part of every organization’s security risk profile. Just one weak password with access to an organization’s critical systems can cause a breach, take down a network or ...

Jan 23, 2024 4:21:14 PM By Stu Sjouwerman

Myth of Massive Data Breach Busted: Big Headlines Mask a Minor Threat

Ok, I'll admit it, I was swept up in the moment last week and wrote a short blog post that more or less summarized the tsunami of news about that huge data breach initially reported by ...

Jan 20, 2024 9:45:06 AM By Stu Sjouwerman

Russian Hackers Win Big: Microsoft's Senior Exec Team Emails Breached

In a Friday regulatory filing, Microsoft has reported that its corporate email accounts were compromised by a Russian state-sponsored hacking group known as Midnight Blizzard, also ...

Oct 11, 2023 9:02:25 AM By Jacqueline Jayne

[Cybersecurity Awareness Month] Password Security: Do Not Get Bit by Count Hackula

Our login credentials of a username and password are sometimes all that stands between our personal identifiable information and cybercriminals. Count Hackula could be waiting in the ...

Sep 28, 2023 9:17:38 AM By Stu Sjouwerman

[HEADS UP] If You're a LastPass User, You May be the Next Phishing Email Target

Cybercriminals are not holding back on LastPass users as a new phishing campaign has recently launched with the intent to steal your data.

Sep 14, 2023 7:41:24 AM By Martin Kraemer

Can Someone Guess My Password From the Wi-Fi Signal On My Phone?

Cybercriminals can't ascertain your phone password just from a Wi-Fi signal, but they can come close according to a method described in a recent research paper. Researchers have ...

Sep 6, 2023 8:53:21 AM By Roger Grimes

How Secure Is Your Authentication Method?

I frequently write about authentication, including PKI, multi-factor authentication (MFA), password managers, FIDO, Open Authentication, and biometrics. I have written dozens of articles ...

Aug 9, 2023 1:55:02 PM By Stu Sjouwerman

New PCI Password Requirements Could Be the Impetus for Credential Harvesting Scams

As the retirement countdown for the current version of PCI is now less than six months, a new standard for password length, complexity, and change frequency may create some risk.

Jun 13, 2023 8:00:00 AM By Stu Sjouwerman

[ON-DEMAND] A Master Class on Cybersecurity: Roger Grimes Teaches Password Best Practices

What really makes a “strong” password? And why are you and your end-users continually tortured by them? How do hackers crack your passwords with ease? And what can/should you do to ...

May 4, 2023 8:00:00 AM By Stu Sjouwerman

[FREE RESOURCE KIT] New Password Security Resource Kit to Celebrate World Password Day!

It's World Password Day! This holiday is to ensure everyone always practices good password hygiene. This year, we wanted to share the best password resources with you to share with your ...

Jan 25, 2023 4:03:39 PM By Roger Grimes

How Does Quantum Impact Passwords?

Yeah, quantum computers are likely to be able to crack passwords from every angle.

Jan 17, 2023 8:15:27 AM By Roger Grimes

Is Your Organization’s Password Complexity Requirement Strong Enough? Probably Not

Is your organization’s password complexity strong enough?

Jan 16, 2023 9:21:53 AM By Stu Sjouwerman

[New Feature] Continuously Monitor for Any Detected Password Vulnerabilities Within Your User Base with PasswordIQ

We’re thrilled to announce that the power of KnowBe4’s most popular free password security tool has been brought to your KnowBe4 console as a new feature!

Jan 11, 2023 10:38:29 AM By Stu Sjouwerman

21% of federal agency passwords cracked in their security audit

Some excellent work here. An internal US Government agency audit showed that a fifth of passwords were easy to crack. Their recently published study showed that hashes for well over ...

Jan 10, 2023 4:43:49 PM By Roger Grimes

Password Managers Can Be Hacked Lots of Ways and Yes, You Should Still Use Them

The recent hack (at least 7th) of the LastPass password manager has lots of people wondering if they should use a password manager.

Subscribe

Search Our Blog


New call-to-action

Subscribe To Our Blog

Posts By Topic

View all

Get the latest insights, trends and security news. Subscribe to CyberheistNews.