KnowBe4 Blog

I Can Phish Anyone

I’m a bit surprised by some aggressive corporate anti-phishing policies which say they will fire anyone for one accidental phishing offense. Send me the names and email addresses of the ...

CRN: "Kevin Mandia -- Detect Spear Phishing, Lock Down CEO Email To Stay Safe"

Michael Novinson at CRN had a great article that really explains the issues we are dealing with. He started out with: "Spear phishing remains the most common way for adversaries to ...

Simjacking is Still a Problem, British Food Writer Lost £5,000

British food writer Jack Monroe lost £5,000 due to a simjacking attack, the BBC reports. In a series of tweets, Monroe said someone had taken over her phone number and used the access to ...

It’s Baaaaaaaack! Emotet Trojan Rears Its Ugly Head Once Again After a 3-Month Vacation

One of the most dangerous pieces of malware to-date, this trojan-turned-botnet has come back after a brief hiatus and appears to be a part of a new spear phishing campaign targeting ...

Cyber Risk Remains a Top Concern for Organizations While Lacking Confidence in Addressing Cyber Threats

It appears priority and ability to execute are two very different things when it comes to dealing with cyber threats, according to the latest data from Marsh and Microsoft.

Extremely Embarrassing 250,000-record Data Breach At Hookers.nl

The data of 250,000 users of Hookers.nl, a forum where experiences with prostitutes and escorts are exchanged, have been stolen and offered for sale on the internet. It concerns e-mail ...

Why Hack When You Can Con?

Organizations Experiencing Attacks Rises by 35% as Most Consider Themselves Cyber-Novices

An increase in attacks should equate to a rise in organizational cyber-preparedness. But according to new research from U.K. cyber insurer Hiscox, organizations simply aren’t ready.

U.S. Organizations Involved with Nuclear Deterrence are the Target of North Korean Phishing Attacks

Using some very sophisticated methods, the Kimsuky group is believed to be behind a spear phishing campaign aimed at stealing U.S. secrets.

Virtual Hard Disk Images Containing Malware Are Ignored by Windows and Antivirus Engines

This disturbing find by a CERT researcher demonstrates how attackers can encode malicious files within a Virtual Hard Disk (VHD) image that acts in the same way as a ZIP archive.