KnowBe4 Blog

Security Awareness Training

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

Business Email Compromise Attack Uses a “Man-in-the-Middle” Email Attack to Steal $1M

Dubbed the “ultimate” Man-in-the-Middle attack by security researchers at Checkpoint, this CEO fraud attack shows how brazen cybercriminals can be – and how organizations need to be ...

Ransomware Attacks Step Up their Game and Now Look for NAS Devices

It used to be that ransomware just looked for office files. Then backups became a secondary victim. New data from Kaspersky shows NAS devices are being added as targets.

New TrickBot Malware Attack Leverages Google Drive to Deliver Its Payload and Ensure Infection

New details from Palo Alto Network’s Unit 42 research team show TrickBot rearing its ugly head once again, using legitimate cloud services – and employee greed – as its path to success. ...

Penn State Warns of Spear Phishing Attacks

Penn State is warning its community about a recent spike in phishing attacks targeting the university’s employees. Attackers are sending emails posing as real Penn State employees and ...

Security Generation Gaps

People from different generations tend to approach cybersecurity differently. Organizations should tailor their security programs and phishing tests with this in mind. According to Azeem ...

Announcing A New 8-Minute Training Module - Social Media: Staying Secure in a Connected World

As you probably know, social media is the number one place that attackers can get intel about your organization to make their "hacking of your humans" more effective. We have been hearing ...

U.S. Government Issues Warning About Possible Iranian Cyberattacks

Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency issued a warning about a potential new wave of Iranian cyber-attacks targeting U.S. assets after Maj. ...

Seven Kinds of Malware, and all Arrive by Social Engineering

Naked Security outlines seven different categories of malware and describes how each of them through social engineering techniques can affect your organization. Some or all of these ...

Global Climate Change Phishbait

A number of phishing campaigns have been using Christmas-themed emails encouraging recipients to support climate activist Greta Thunberg, according to Paul Ducklin at Naked Security. ...

Wawa Data Breach Class Action Filed

There was a massive data breach suffered by Wawa, a convenience store chain of more than 850 stores around the country. Wawa had recently disclosed that it had suffered a data breach that ...