KnowBe4’s Automated Security Awareness Program Builder Now Available in Nine Languages

Aug 17, 2021 9:26:20 AM By Stu Sjouwerman

Now that the KnowBe4 Security Awareness Training and Simulated Phishing Platform is available in nine localized languages, starting your organization's security awareness training program ...

Words of Advice for Organizations on Cybersecurity Best Practices

Aug 13, 2021 9:27:56 AM By Stu Sjouwerman

We recently attended Black Hat USA 2021 this year and Erich Kron, Security Awareness Advocate for KnowBe4, sat down with Cybersecurity Ventures to give words of advice for all ...

Your KnowBe4 Fresh Content Updates from July

Aug 6, 2021 3:35:34 PM By Stu Sjouwerman

With 25 new pieces of training content added this month, check out the always fresh content update highlights and new features from the month of July.

12 Steps to a Security Ignorance Program

Aug 6, 2021 9:25:03 AM By Javvad Malik

Most people working for organisations have been exposed at some point in their careers to security awareness programs. Some of these programs are well-executed and delivered, while others ...

79% of Employees Have Knowingly Engaged in Risky Online Activities in the Past Year

Aug 4, 2021 1:59:07 PM By Stu Sjouwerman

With employees not believing that it’s important to personally worry about cyber security risks, they also tend to believe they’re not a target, new data suggest as the reason for the ...

Remote Employees Adopt Bad Cybersecurity Habits While Working from Home

Jul 23, 2021 8:24:43 AM By Stu Sjouwerman

A new report focused on businesses looking to bring employees back to the office makes it very clear that security leaders are concerned, as remote workers have been anything but secure.

Microsoft Takes Down Homoglyph Domains

Jul 22, 2021 10:44:51 AM By Stu Sjouwerman

Microsoft has taken legal action to shut down eighteen domains that were being used in business email compromise (BEC) attacks. The sites in question used homoglyphs to impersonate ...

[On-Demand Webinar] 2021 Phishing By Industry Benchmarking Report

Jul 19, 2021 8:00:00 AM By Stu Sjouwerman

As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to ...

KnowBe4 Fresh Content Updates from June

Jul 9, 2021 10:13:30 AM By Stu Sjouwerman

Here are important fresh content updates to share with you that happened in the month of June.

Social Engineering and Organizational Culture

Jul 8, 2021 9:40:03 AM By Stu Sjouwerman

Consistent awareness training is necessary to fend off phishing attacks, according to Keatron Evans, a principal security researcher, instructor, and author with Infosec. In an interview ...

Yet Another Disk Image File Format Spotted in the Wild Used to Deliver Malware

Jun 29, 2021 2:00:41 PM By Stu Sjouwerman

Disguised as an invoice, cybercriminals use a Windows-supported disk image to obfuscate malware from email gateways and security scanners. The question is how viable will it be?

Cybersecurity and Business Priorities Don’t Appear to Be Aligning – and That’s Bad for Your Security Stance

Jun 29, 2021 9:37:51 AM By Stu Sjouwerman

Despite organizational leadership believing cyber security initiatives can support business goals, the way businesses approach cybersecurity seems to prove otherwise.

An Unusual Attachment is Most Likely a Phishing Campaign

Jun 29, 2021 9:37:48 AM By Stu Sjouwerman

A phishing campaign is using Windows Imaging Format (WIM) files to deliver malware, according to researchers at Trustwave. WIM files aren’t commonly thought of as potentially malicious, ...

Misconfigured Cloud Database Increases Risk of Social Engineering

Jun 28, 2021 8:49:19 AM By Stu Sjouwerman

DreamHost, a major website hosting provider, exposed 814 million user account records in an unsecured database, researchers at Website Planet have found. The data exposed included a ...

Threat Actors use Google Ads to Target People Migrating to Encrypted Messaging Services like Signal and Telegram

Jun 24, 2021 10:34:26 AM By Stu Sjouwerman

Researchers at eSentire warn that threat actors have been using Google Ads to target people migrating from WhatsApp to other encrypted messaging services, particularly Signal and Telegram.

60% of Orgs Needed New Security Policies to Secure Their Remote Workforce

Jun 24, 2021 8:33:36 AM By Stu Sjouwerman

According to security compliance vendor ThreatSwitch in their 2021 Industrial Security Benchmark Report, organizations are waking up to the need for better awareness training.

KnowBe4 Makes eSecurity Planet's Best Security Awareness Training for Employees 2021 List

Jun 21, 2021 3:47:18 PM By Stu Sjouwerman

Security awareness training has made leaps and bounds in the last couple of years. With the old-school approach, a few bagels and long, boring powerpoint presentations can only get you so ...

Credential Stuffing in the Travel and Retail Sectors

Jun 21, 2021 10:34:53 AM By Stu Sjouwerman

The travel and retail sectors are the top targets for credential stuffing attacks, according to Auth0’s State of Secure Identity report. Credential stuffing is a type of brute-force ...

[Heads Up] If You're an Amazon Prime Shopper, Heed This Prime Day Phishing Alert

Jun 17, 2021 10:00:25 AM By Stu Sjouwerman

Amazon Prime Day is approaching on June 21st with special promotions. This also mean cybercriminals are ready to strike with leveraging 'special deals' on the online days that they will ...

Bad Security Habits During the Pandemic

Jun 17, 2021 8:56:44 AM By Stu Sjouwerman

56% of IT workers believe employees have acquired poor security habits while working remotely, according to Tessian’s Back to Work Security Behaviors report.

Security Awareness Training Blog