Use of Malicious Links Surges by 133% in Q1, Setting the Tone for the First Half of 2024

Sep 9, 2024 4:45:46 PM By Stu Sjouwerman

Threat actors are opting for malicious links over attachments in email-based attacks because it gives them a critical advantage that many solutions can’t address.

Threat Actors Increasingly Exploit Deepfakes for Social Engineering

Sep 4, 2024 11:10:59 AM By Stu Sjouwerman

The availability of deepfake technology has given threat actors a valuable tool for social engineering attacks, according to researchers at BlackBerry.

[Security Masterminds Podcast] The Human Side of Cybersecurity: Bridging the Gap with Empathy and Strategy

Sep 4, 2024 10:58:25 AM By James McQuiggan

In cybersecurity, technology often takes center stage. From the latest AI-driven defenses to sophisticated encryption techniques, it's easy to overlook the most crucial element: the human ...

Organizations in the Middle East Targeted By Malware Impersonating Palo Alto GlobalProtect VPN

Sep 3, 2024 2:46:10 PM By Stu Sjouwerman

A social engineering campaign is targeting entities in the Middle East using malware that impersonates Palo Alto Networks’ GlobalProtect VPN, according to researchers at Trend Micro.

Your KnowBe4 Compliance Plus Fresh Content Updates from August 2024

Sep 3, 2024 8:00:00 AM By Stu Sjouwerman

Check out the August updates in Compliance Plus so you can stay on top of featured compliance training content.

Scammers Use Fake Funeral LiveStream Social Media Posts to Extort Victims

Aug 30, 2024 12:03:13 PM By Stu Sjouwerman

In a troubling new low, cybercriminals are targeting individuals grieving the loss of a loved one by charging their credit cards with excessive fees through a heartless scam. According to ...

Your KnowBe4 Fresh Content Updates from August 2024

Aug 30, 2024 8:00:00 AM By Stu Sjouwerman

Check out the 29 new pieces of training content added in August, alongside the always fresh content update highlights, events and new features.

More Carrots and Fewer Sticks

Aug 27, 2024 7:30:00 AM By Roger Grimes

This blog was co-written by Perry Carpenter and Roger A. Grimes. As I sit in the 2024 Seattle Convene conference this week and listen to speaker after speaker talk about their successful ...

Business Email Compromise Scams Rise 20%, Making up Nearly Half of all Spam Emails

Aug 23, 2024 3:07:33 PM By Stu Sjouwerman

New research on email threats points to AI-based tools to assist in generating BEC content. And the overwhelming targeted role may or may not surprise you.

The Number of Email-Based Cyber Attacks Detected Surge 239% in 1H 2024

Aug 23, 2024 3:07:30 PM By Stu Sjouwerman

New data shows the most prevalent and obvious path into an organization – email – continues to be exploited by a growing number of cybercriminals.

Malvertising Campaign Impersonates Dozens of Google Products

Aug 23, 2024 8:48:25 AM By Stu Sjouwerman

A malvertising campaign is abusing Google ads to impersonate Google’s entire product line, according to researchers at Malwarebytes. The malicious ads are designed to lure victims into a ...

Phishing Scammers Leverage Microsoft Dynamics 365 to Target US Government Contractors

Aug 21, 2024 4:02:07 PM By Stu Sjouwerman

Analysis of a phishing campaign targeting thousands of government contractors, dubbed “Operation Uncle Sam,” takes advantage of some sophisticated steps to avoid detection.

Ransomware Group Known as ‘Royal’ Rebrands as BlackSuit and Is Leveraging New Attack Methods

Aug 19, 2024 8:34:46 AM By Stu Sjouwerman

The ransomware threat group formerly known as "Royal" has rebranded itself as BlackSuit and updated their attack methods, warns the FBI.

Is Disabling Clickable URL Links Enough?

Aug 19, 2024 8:34:42 AM By Roger Grimes

Recently, we had a customer reach out to ask if disabling clickable uniform resource locator (URL) links in emails was enough protection by itself to potentially not need employee ...

Ransomware Payments Decline While Data Exfiltration Payments Are On The Rise

Aug 15, 2024 12:28:35 PM By Stu Sjouwerman

The latest data from Coveware shows a slowing of attack efficacy, a decrease in ransom payments being made, and a shift in initial access tactics.

Summer Lovin' or Summer Scammin'?

Aug 13, 2024 1:54:34 PM By Javvad Malik

Summer. The season of sun, sand, and romance scams. As the weather heats up, so does the activity of romance scammers, who prey on the vulnerabilities of those seeking love and ...

62% of Phishing Emails Bypassed DMARC Checks in 1H of 2024

Aug 7, 2024 3:32:01 PM By Stu Sjouwerman

A report from Darktrace has found that 62% of phishing emails in the first half of 2024 were able to bypass DMARC verification checks in order to reach users’ inboxes.

“Pastejacking” Attacks Are Becoming a Thing (Because Users are Falling for Them)

Aug 7, 2024 3:29:49 PM By Stu Sjouwerman

New analysis shows users can be convinced to copy and paste malicious code on behalf of the attacker.

New Research: Smaller Companies Receiving Higher Rates Of Phishing Emails

Aug 2, 2024 9:44:44 AM By Stu Sjouwerman

Researchers at Barracuda have found that smaller companies tend to receive a higher rate of phishing attacks spread across the organization, according to a report looking at the phishing ...

KnowBe4 Named a Leader in the Summer 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) Software

Aug 1, 2024 8:00:00 AM By Stu Sjouwerman

We are excited to announce that KnowBe4 has been named a leader in the Summer 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for ...

Security Awareness Training Blog