Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

Remote Employees Adopt Bad Cybersecurity Habits While Working from Home

A new report focused on businesses looking to bring employees back to the office makes it very clear that security leaders are concerned, as remote workers have been anything but secure.
Continue Reading

Microsoft Takes Down Homoglyph Domains

Microsoft has taken legal action to shut down eighteen domains that were being used in business email compromise (BEC) attacks. The sites in question used homoglyphs to impersonate ...
Continue Reading

[On-Demand Webinar] 2021 Phishing By Industry Benchmarking Report

As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to ...
Continue Reading

KnowBe4 Fresh Content Updates from June

Here are important fresh content updates to share with you that happened in the month of June.
Continue Reading

Social Engineering and Organizational Culture

Consistent awareness training is necessary to fend off phishing attacks, according to Keatron Evans, a principal security researcher, instructor, and author with Infosec. In an interview ...
Continue Reading

KnowBe4 Named a Leader in the Summer 2021 G2 Grid Report for Security Awareness Training

The latest G2 Grid Report compares Security Awareness Training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence.
Continue Reading

Yet Another Disk Image File Format Spotted in the Wild Used to Deliver Malware

Disguised as an invoice, cybercriminals use a Windows-supported disk image to obfuscate malware from email gateways and security scanners. The question is how viable will it be?
Continue Reading

Cybersecurity and Business Priorities Don’t Appear to Be Aligning – and That’s Bad for Your Security Stance

Despite organizational leadership believing cyber security initiatives can support business goals, the way businesses approach cybersecurity seems to prove otherwise.
Continue Reading

An Unusual Attachment is Most Likely a Phishing Campaign

A phishing campaign is using Windows Imaging Format (WIM) files to deliver malware, according to researchers at Trustwave. WIM files aren’t commonly thought of as potentially malicious, ...
Continue Reading

Misconfigured Cloud Database Increases Risk of Social Engineering

DreamHost, a major website hosting provider, exposed 814 million user account records in an unsecured database, researchers at Website Planet have found. The data exposed included a ...
Continue Reading

Threat Actors use Google Ads to Target People Migrating to Encrypted Messaging Services like Signal and Telegram

Researchers at eSentire warn that threat actors have been using Google Ads to target people migrating from WhatsApp to other encrypted messaging services, particularly Signal and Telegram.
Continue Reading

60% of Orgs Needed New Security Policies to Secure Their Remote Workforce

According to security compliance vendor ThreatSwitch in their 2021 Industrial Security Benchmark Report, organizations are waking up to the need for better awareness training.
Continue Reading

KnowBe4 Makes eSecurity Planet's Best Security Awareness Training for Employees 2021 List

Security awareness training has made leaps and bounds in the last couple of years. With the old-school approach, a few bagels and long, boring powerpoint presentations can only get you so ...
Continue Reading

Credential Stuffing in the Travel and Retail Sectors

The travel and retail sectors are the top targets for credential stuffing attacks, according to Auth0’s State of Secure Identity report. Credential stuffing is a type of brute-force ...
Continue Reading

[Heads Up] If You're an Amazon Prime Shopper, Heed This Prime Day Phishing Alert

Amazon Prime Day is approaching on June 21st with special promotions. This also mean cybercriminals are ready to strike with leveraging 'special deals' on the online days that they will ...
Continue Reading

Bad Security Habits During the Pandemic

56% of IT workers believe employees have acquired poor security habits while working remotely, according to Tessian’s Back to Work Security Behaviors report.
Continue Reading

KnowBe4 Earns 2021 Top Rated Award from TrustRadius

We are proud to announce that TrustRadius has recognized KnowBe4 with a 2021 Top Rated Award.
Continue Reading

Deal or No Deal: The Double-edged Sword of the IT Security Bundle

The concept of “bundling” has become very popular among large IT vendors over the past decade as it promises a number of benefits. 
Continue Reading

KnowBe4 Fresh Content Updates from May: Including New Mobile-First Training Modules

Here are important fresh content updates and new features to share with you that happened in the month of May.
Continue Reading

Fake Positive Reviews Mask Spoofed Browser Extensions

Malicious browser extensions often have fake positive reviews to garner trust from users, according to Brian Krebs. Krebs describes a phony Microsoft Authenticator extension in the Google ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews