Report: Shadow AI Poses an Increasing Risk to Organizations
The use of “shadow AI” is an increasing security risk within organizations, according to a new report from Netskope.
Cancel
Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
The use of “shadow AI” is an increasing security risk within organizations, according to a new report from Netskope.
The State of California’s Franchise Tax Board (FTB) has warned of an ongoing SMS phishing (smishing) campaign targeting residents, Malwarebytes reports.
I occasionally get human risk management (HRM) administrators asking me to help them with ideas of “contests” to better educate their end-users.
Healthcare organizations need to be prepared for an increase in AI-assisted phishing attacks, according to Zack Martin, Senior Policy Advisor at Venable.
A super common voice phone call phishing scam (i.e., vishing) is when the scammer calls you and pretends to be a law enforcement official with a warrant for your arrest for not answering ...
Threat actors can now use AI tools to automate entire attack operations, according to a new report from Anthropic.
Attackers are using a newly discovered phishing-as-a-service (PhaaS) platform dubbed “Salty 2FA” to target a wide range of industries across North America and Europe, according to ...
Professional phishing groups are targeting customers of brokerage firms in order to manipulate stock prices, KrebsOnSecurity reports. The attackers use a technique called “ramp and dump” ...
Attackers are using a Japanese Unicode character to replace forward slashes in phishing URLs, BleepingComputer reports.
In this series, we first explored the psychology that makes HR phishing so effective, then showcased the real-world lures attackers use to trick your employees. Now, we’re going under the ...
Phishing attacks impersonating HR are on the rise. Between January 1 – March 31, 2025, our Threat Lab team observed a 120%surge in these attacks reported via our PhishER product versus ...
We all trust HR - or at least we do when we think they’re emailing us! Data from KnowBe4’s HRM+ platform reveals that phishing simulations with internal subject lines dominate the list of ...
The North Korean threat actor ScarCruft has incorporated ransomware into its arsenal, according to researchers at South Korean security firm S2W.
In today's world, cyberattacks are a constant threat. While technical defenses are crucial, people often remain the easiest attack vector for cybercriminals.
A phishing campaign is targeting Instagram users with phony notifications about failed login attempts, according to researchers at Malwarebytes.
A global retail and wholesale company transformed their security posture after implementing KnowBe4's Phish Alert Button (PAB) and security awareness training, achieving an astonishing ...
More than one in ten people who were targeted by job scams this year fell victim, according to a report from Resume.org.
Getting through secure email gateways (SEGs) is simply the cost of doing business for a cybercriminal. Literally, detection at the perimeter by a SEG is the same as falling at the first ...
Employees are expected to behave securely, and the definition of “securely” is often written down in a myriad of security policies. Yet, people do not always comply with security policies ...
Social engineering remains a primary initial access vector for cybercriminals, according to a new report from Europol.
