Back-to-School: a Buzzkill in More Ways than One

40% of the top twenty universities in the US aren’t using DMARC to mitigate phishing attacks that impersonate the universities’ domains, according to researchers at Tessian. Additionally, ...

July 8, 2020 Stu Sjouwerman

Gartner: You Should Focus On These 7 Specific COVID-19 IT Security Areas

Gartner observed: "Rapid responses to the coronavirus pandemic leave organizations vulnerable to security breaches. Security and risk teams must remain vigilant and focus on strategic ...

July 8, 2020 Stu Sjouwerman

Microsoft Seizes Six Domains Used in Sophisticated Phishing Scheme

Microsoft announced that the US District Court for the Eastern District of Virginia has ruled that the company can seize six domains that were being used in a widespread phishing ...

July 7, 2020 Stu Sjouwerman

[Heads Up] The First-Ever Russian BEC Gang, Cosmic Lynx, Was Uncovered. They Spear Phish Multinational & Fortune 500 Senior Executives

“This is a historic shift to the global email threat landscape and portends new and sophisticated social engineering attacks that CISOs around the world must brace for now,” according to ...

July 7, 2020 Stu Sjouwerman

FakeSpy Android Malware Distributed via Smishing

Researchers at Cybereason are tracking a sophisticated malware campaign targeting Android devices around the world. The campaign involves a new version of the FakeSpy information-stealing ...

July 6, 2020 Stu Sjouwerman

New Calendar Invitations as Phishbait Attack Wave

BleepingComputer warns that cybercriminals are using calendar invites to send phishing links to Wells Fargo customers. Researchers at Abnormal Security discovered this phishing campaign ...

July 3, 2020 Stu Sjouwerman

Half of all Remote Employees Aren’t the Slightest Bit Prepared for Cyberattacks

New data from IBM suggests that employees, their devices, training, and organizational policies are all lacking when it comes making sure remote workers don’t become a victim of ...

July 3, 2020 Stu Sjouwerman

Microsoft 365 Phishing Attacks Masterfully Use Brand Name Sites to Establish Legitimacy

New voicemail phishing scam uses legitimate branded domains from companies like Samsung and Adobe to facilitate redirects to compromised websites intent on stealing credentials.

July 3, 2020 Stu Sjouwerman

Business Email Compromise Attacks Focused on Invoice Fraud Surge by 75%

As attacks on the C-Suite decline, new data shows that employees in finance department roles are critical to the success of shifts in attack campaign strategy.

July 1, 2020 Stu Sjouwerman

A "Secure DNS" Scam: an Upgrade that's a Downgrade

A phishing campaign is targeting website owners with convincing, personalized emails that purport to come from WordPress, Naked Security reports. The emails claim that WordPress is ...

KnowBe4 Blog

Phishing

View Topics

Back-to-School: a Buzzkill in More Ways than One

Gartner: You Should Focus On These 7 Specific COVID-19 IT Security Areas

Microsoft Seizes Six Domains Used in Sophisticated Phishing Scheme

[Heads Up] The First-Ever Russian BEC Gang, Cosmic Lynx, Was Uncovered. They Spear Phish Multinational & Fortune 500 Senior Executives

FakeSpy Android Malware Distributed via Smishing

New Calendar Invitations as Phishbait Attack Wave

Half of all Remote Employees Aren’t the Slightest Bit Prepared for Cyberattacks

Microsoft 365 Phishing Attacks Masterfully Use Brand Name Sites to Establish Legitimacy

Business Email Compromise Attacks Focused on Invoice Fraud Surge by 75%

A "Secure DNS" Scam: an Upgrade that's a Downgrade

Subscribe To Our Blog

Posts By Topic

Get the latest insights, trends and security news. Subscribe to CyberheistNews.

Get the latest insights, trends and security news. Subscribe to CyberheistNews.