KnowBe4

Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

Awareness Training is the Key to a Culture of Security

Here’s a follow-up to an earlier post of ours, with amplification of points well-worth making.
Continue Reading

It Only Takes 1 Phish: “Unremarkable” Phishing Attack Results in a Breach in the European Union’s Diplomatic Communications Network

A three-year-long cyber-attack led to the successful breach of the all communications between all EU member states, putting countries and their futures at risk.
Continue Reading

International Legal Tech Association: "KnowBe4 Is The Biggest Winner In Awareness Content"

The International Legal Technology Association is the premier peer-driven association for technologists in the legal field. The ILTA's most prestigious publication each year is their ...
Continue Reading

Phishing Kit Uses Custom Font Files to Decode Text

Researchers at Proofpoint discovered a phishing template that uses a unique method for encoding text using web fonts. The researchers found that the source code of the landing page ...
Continue Reading

Judge Calls for County Officials to Resign After Falling Victim to a $500K CEO Fraud Scam

Months after a classic fraud scam took Galveston County for $525,000, County Judge Mark Henry is now asking for the County Auditor and Purchasing Agent to resign.
Continue Reading

Malicious Business Email Campaign Uses Google Cloud Storage to Target Banks and Financial Services Companies

Researchers at Menlo Labs have spotted and tracked a new campaign aimed at tricking employees of US and UK financial firms and banks into downloading Houdini Malware.
Continue Reading

KnowBe4 Fresh Content Update & New Features December 2018

Here's a few important updates to share with you for the month of December!
Continue Reading

You Must Know What You're Clicking On Even With MFA

By Roger Grimes, KnowBe4's Data-driven Defense Evangelist.  I’ve been in computer security for over 30-years and I’ve been giving presentations nearly as long. And in that time, no talk ...
Continue Reading

Iranian Hacker Group Beats 2FA with New Phishing Campaign Targeting Google Users

A new phishing attack method shows that even the mighty two-factor authentication can be beaten without needing to possess a user’s mobile device.
Continue Reading

Real Estate Transactions are Increasingly Vulnerable to CEO Fraud

The real estate industry is a particularly attractive target for BEC (Business Email Compromise—also known as CEO Fraud—attacks, according to FBI spokesman David Fitz. Fitz told The ...
Continue Reading

UK Companies Cite a Lack of Cybersecurity Support from the Government

With cyberattacks occurring at such a regular frequency, UK organizations are desiring for the government to provide guidance and support on how to prepare for and address attacks.
Continue Reading

These Incredibly Realistic Fake Faces Show How AI Can Now Mess With Us

This starts to be more than a bit concerning. The faces in this post look like pretty normal humans. They could be social media shots. However, they were generated by a recent type of ...
Continue Reading

Ransomware Recovery Expert Scams Victims and Turns Out to be Nothing More than a Bitcoin Middleman

Organizations falling victim to ransomware look for any way to ensure they get their files back. One Belasurian businessman promises decryption but is merely conning victims out of more ...
Continue Reading

WARNING: Your Head of Finance May Be 1 of 50,000 Execs Targeted in BEC Scams

According to a report from email security & protection vendor Agari, the cybercriminal group dubbed London Blue are directing their latest scams at very specific finance execs.
Continue Reading

Giveaway Scam Offers Free Volkswagens to Generate Ad Revenue

A scam campaign is promising free Volkswagen car giveaways to trick social media users into visiting third-party ad servers, according to researchers at Sucuri.
Continue Reading

A Call for More Consumer Privacy Laws Could Spell Penalties in Your Future

In the wake of the Marriott data breach, U.S. senators are calling for tougher privacy laws and stiff fines for organizations that do not properly protect consumer data.
Continue Reading

Scammers are Posing as Huawei’s Captive CFO

An advance fee scam is targeting individuals in China following the arrest of Huawei’s CFO, Meng Wanzou, according to the SANS Internet Storm Center. Ms. Meng, who is also the daughter of ...
Continue Reading

Half of Management Teams Don’t Understand Business Process Compromise

A new survey by Trend Micro reveals that 43% of organizations in twelve countries have been affected by Business Process Compromise (BPC) attacks. In spite of this, 50% of management ...
Continue Reading

Employee Education and Training is a Key Component of a Culture of Security

Organizations need to focus on education and training rather than blaming employees for security gaffes, according to the speakers in a panel debate at Computing′s Enterprise Security and ...
Continue Reading

Cybercriminals Use 1.7 Million Compromised PCs in Botnet Advertising Fraud Scam

The Russian-born, botnet-driven advertising fraud scam, 3ve, generated over $29 million in revenue using fileless malware variant Kovter, botnets, and unsuspecting users.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews