Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

Researchers Warn of EtterSilent Facilitating Risky Malware Delivery

Cybercriminals are using a new malicious document builder dubbed “EtterSilent,” according to researchers at Intel 471. The builder is used to craft Microsoft Office documents with macros ...
Continue Reading

Lazarus Group Uses New Technique to Avoid Detection

North Korea’s Lazarus group is using an interesting method to evade security measures, according to researchers at Malwarebytes. The threat actor is sending phishing emails with malicious ...
Continue Reading

Evil Corp Tries to Work Around U.S. Treasury Sanctions Using Hades Ransomware

The cybercriminal group linked to over $100 Million in financial damages has pivoted their execution strategy to bypass sanctions that prevent U.S. companies from paying them ransom.
Continue Reading

Mobile is a Problem: 97% of Organizations Experienced Mobile Attacks in 2020

Everything from applications, social apps, OS vulnerabilities and even mobile device management acted as initial attack vectors troubling nearly every single organization globally.
Continue Reading

Cybercriminals Use Job-Specific Social Media Platforms to Target UK Citizens With Fake Accounts

At least 10,000 UK citizens have been targeted by nation-state actors via fake LinkedIn accounts over the past five years, the BBC reports. Ken McCallum, Director-General of MI5, said ...
Continue Reading

A Legitimate Charity Prompts Scam Imitators

Scammers are impersonating philanthropist Mackenzie Scott, the billionaire ex-wife of Jeff Bezos, the New York Times reports. Scott prefers to give money directly and contacts charities ...
Continue Reading

FBI Obtains Authorization to Access US Servers to Remove Webshells Due to Exchange Vulnerability

Your server could have been compromised and the FBI was trying to mitigate the issue without you even knowing it yet.
Continue Reading

Forrester TEI Study Shows KnowBe4 Can Deliver a Customer ROI of 276% with a Less Than 3-Month Payback

KnowBe4 commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study, examining the potential Return on Investment (ROI) enterprises might realize by implementing the ...
Continue Reading

Eavesdrop on the Back-and-Forth of Negotiating with a Criminal Ransomware Organization

Details around the recent successful ransomware attack on fashion retailer FatFace provide some insight into what you should expect when you become a victim.
Continue Reading

[New Benchmarking Feature] Compare Your Organization’s Security Awareness Proficiency with Other Companies in Your Industry

We are excited to announce that the KnowBe4 Industry Benchmarking feature has been expanded to now include industry benchmark comparison data for Security Awareness Proficiency Assessment ...
Continue Reading

3 Ways To Protect Your Identity Online

Within security awareness training programs, cybersecurity experts promote various tactics and best practices to implement within personal and work environments to protect your identities ...
Continue Reading

[HEADS UP] DocuSign Issues Alert of Malicious New Hacking Tool

Earlier this week, DocuSign issued an alert that notified users of a new hacking tool. This tool is imitating DocuSign so then the bad guys can drop malware into victims' systems.
Continue Reading

H Layer Credentialing Announces Security Awareness and Culture Professional (SACP)® Certification

This is a very exciting development for the Cyber Security industry as a whole and particularly those of us that believe that Security Awareness Training is a critical step in a complete ...
Continue Reading

Australian Organizations Increase Cyber Security Spend to Nearly A$5B in 2021

The rise in cyberattacks in Australia is seeing its natural result – organisations realizing the need to put more budget focused on cybersecurity, with the largest portion going towards ...
Continue Reading

The Digital Workplace is a Cybersecurity Disaster!

New data reviewing how the 2020 shift to a remote workforce impacted organizational security shows all too well that since the pandemic onset, cybersecurity has become critically worse.
Continue Reading

APT Group Use Voice-Changing Software to Impersonate Women as Part of Espionage Attacks

The middle eastern threat group known as APT-C-23 are targeting male soldiers in the Israel Defense Forces in an attempt to get their victims to download and install malware.
Continue Reading

LinkedIn Data of 500 Million Users Hacked, Up For Sale: Report

Microsoft-owned social network LinkedIn is reportedly the latest victim of a massive data breach where data of 500 million user profiles has been allegedly leaked by cybercriminals. The ...
Continue Reading

[Security Culture Report 2021] A Global Security Culture Perspective During a Pandemic

The 2021 KnowBe4 Security Culture Report is the largest study of its kind, measuring organizations' security cultures and surveying more than 320,000 employees across 1,872 organizations ...
Continue Reading

Key Findings From the 2021 SANS Security Awareness Report

Like most security professionals, there are a few industry reports that I really look forward to reading each year. Pretty high on that list is the SANS Security Awareness report. SANS ...
Continue Reading

[HEADS UP] Millions of Facebook Users' Personal Information Has Been Leaked Online

A hacking forum recently published over 553 million personal data of Facebook users. The type of exposed data ranged from phone numbers, Facebook ID's, full names, locations, birthdates, ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews