One Out of Five Organizations Must Improve Their Security Posture to be Eligible for Cyber Insurance

Oct 9, 2023 8:16:12 AM By Stu Sjouwerman

As insurers become more educated on what a “secure organization” looks like, they are tightening their requirements that puts the onus on organizations to be more secure.

Clorox Experiences Significant Financial Loss Stemming From Recent Cyber Attack

Oct 6, 2023 9:53:51 AM By Stu Sjouwerman

American global manufacturer of cleaning products Clorox stated that recent sales and profit loss were related to a cyber attack.

New Gartner Forecast Shows Global Security and Risk Management Spending to Increase by 14% in 2024

Oct 5, 2023 3:26:29 PM By Stu Sjouwerman

Gartner issued a press release that forecasted global security and risk management end-user spending to reach $188.1 billion, along with worldwide end-user spending on security and risk ...

Senior Executives Beware: The Rise of EvilProxy Phishing Campaigns

Oct 5, 2023 8:20:01 AM By Stu Sjouwerman

Menlo Security warns that a social engineering campaign is using the EvilProxy phishing kit to target senior executives across a range of industries, including banking and financial ...

Open-Source Intelligence (OSINT): Learn the Methods Bad Actors Use to Hack Your Organization

Oct 4, 2023 10:55:26 AM By Stu Sjouwerman

They are out there, watching and waiting for an opportunity to strike; the bad actors who have carefully researched your organization in order to set the perfect trap using easily found ...

Generative AI and the Automation of Social Engineering Increasingly Used By Threat Actors

Oct 3, 2023 10:43:44 AM By Stu Sjouwerman

Threat actors continue to use generative AI tools to craft convincing social engineering attacks, according to Glory Kaburu at Cryptopolitan.

Lazarus Attack on Spanish Aerospace Company Started with Messages from Phony Meta Recruiters

Oct 2, 2023 12:29:11 PM By Stu Sjouwerman

A recent attack on an undisclosed Spanish aerospace company all started with messages to the company's employees that appeared to be coming from Meta recruiters, via LinkedIn Messaging. ...

New SMS Phishing Campaign Impersonating The US Postal Service

Oct 2, 2023 10:45:00 AM By Stu Sjouwerman

DomainTools is tracking an increase in SMS phishing (or “smishing”) campaigns impersonating the US Postal Service (USPS). The text messages inform recipients that there’s a problem with ...

Security Awareness Is Dead. Long Live Security Awareness

Sep 29, 2023 4:47:31 PM By Martin Kraemer

Our actions determine outcomes, not our thoughts, our knowledge, or our intentions.

Your KnowBe4 Fresh Content Updates from September 2023

Sep 29, 2023 9:00:00 AM By Stu Sjouwerman

Check out the 66 new pieces of training content added in September, alongside the always fresh content update highlights, events and new features.

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Sep 29, 2023 8:00:00 AM By Stu Sjouwerman

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.

Ransomware Now Considered a “Crisis” in the Financial Services Sector

Sep 28, 2023 4:20:16 PM By Stu Sjouwerman

A recent panel discussion of banking CISOs and experts at the SIBOS conference focused on the current state of ransomware and what institutions should do to protect themselves.

It’s Official – Generative AI Has Made Phishing Emails Foolproof

Sep 28, 2023 4:20:04 PM By Stu Sjouwerman

The most basic use of tools like ChatGPT to script out professional-looking emails has all but eliminated improperly written content as an indicator of a potential phishing scam.

Threat Group UNC3944 Continues to See Success Using Text-Based Social Engineering

Sep 28, 2023 4:19:51 PM By Stu Sjouwerman

A new update on UNC3944 group's activities shows how they are evolving their focus squarely on SMiShing credential harvesting attacks that result in data theft/extortion attacks.

Pharma Industry Seeing Reduction in Data Breach Costs, But Still Have Much to Do

Sep 28, 2023 4:19:36 PM By Stu Sjouwerman

Insights from IBM’s Cost of a Data Breach Report on the Pharmaceutical Industry shows that while the overall cost has improved, there are clear areas of risk that need to be addressed.

Facebook Messenger Becomes the Delivery Mechanism for Infostealer Malware Attack

Sep 28, 2023 4:19:23 PM By Stu Sjouwerman

Millions of business accounts on Facebook are the target of a new malware attack, which is seeing a success rate of 1 out of 70, causing concern for the security of corporate credentials.

How Zero-Point Fonts in Phishing Emails Make Them Look Safe

Sep 28, 2023 12:56:43 PM By Stu Sjouwerman

Attackers are using zero-point fonts to make phishing emails appear as though they’ve been verified by security scanners, BleepingComputer reports.

New Threat Actor Impersonates the Red Cross to Deliver Malware

Sep 28, 2023 9:17:22 AM By Stu Sjouwerman

Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.

[LIVE DEMO] Are Your Users Making Risky Security Mistakes? Deliver Real-Time Coaching in Response to Risky User Behavior with SecurityCoach

Sep 28, 2023 8:15:00 AM By Stu Sjouwerman

Do you need an easy, automated way to provide real-time feedback the moment your users make risky mistakes to help reinforce the training campaigns you manage today?

Why BJ Fogg and Daniel Kahneman Are Big Security Pro Must-Knows

Sep 27, 2023 8:47:40 AM By Stu Sjouwerman

You're no stranger to the complexities of safeguarding your organization's digital assets. But have you considered the human element in your security equation? Behavioral economics, ...

Security Awareness Training Blog