60% of the US Workforce Will Be Working Remotely by 2024 (and That’s a Problem)

Sep 24, 2020 10:57:20 AM By Stu Sjouwerman

The latest data from analyst firm IDC shows massive growth in the remote workforce in the coming years – something that puts organizations at greater risk for a cyberattack.

Tribune Publishing apologizes for fake bonus offer in phishing-simulation email

Sep 24, 2020 10:29:04 AM By Stu Sjouwerman

Yesterday at the end of the day, I was called by our PR team who got alerted by tech support about a Twitter post that was going viral. Turns out a custom phishing test created by one of ...

Five Alarming Approaches to Extortion

Sep 23, 2020 8:30:10 AM By Stu Sjouwerman

People should familiarize themselves with common forms of extortion in order to avoid falling victim to these attacks, according to Amer Owaida at ESET. Ransomware might be the most ...

Credential Stuffing to Stuff the Ballot Box

Sep 22, 2020 10:20:17 AM By Stu Sjouwerman

Advanced nation-state actors and petty criminals are both leveraging credential-stuffing attacks to hack into victims’ accounts, according to Byron Acohido, writing for Avast. Rather than ...

Credential Stuffing Used Against Financial Services

Sep 21, 2020 8:27:15 AM By Stu Sjouwerman

A security alert from the FBI warns that hackers are launching credential-stuffing attacks against organizations in the financial sector, ZDNet reports.

[Announcement] KnowBe4 ModStore: New Series "Security Snapshots" from Twist & Shout

Sep 19, 2020 9:58:36 AM By Stu Sjouwerman

They've made you laugh. They've made you cry. You know and love them! Twist & Shout are here once again with a series of 12 stand-alone security micro-dramas! These Security Snapshots ...

Joint Cybersecurity Advisory Outlines Approaches to Discovering and Remediating Attacks

Sep 18, 2020 7:00:00 AM By Stu Sjouwerman

This newly-released report is the result of a collaborative effort by cybersecurity authorities in Australia, Canada, New Zealand, the United Kingdom, and the United States.

Crowdstrike: "More Cyberattacks in the First Half of 2020 Than in All of 2019"

Sep 16, 2020 10:26:18 AM By Stu Sjouwerman

According to a recent study conducted by cybersecurity firm CrowdStrike, recent threat activity throughout its customers’ networks has shown more intrusion attempts within the first half ...

How to Become a Harder Target From Malicious Threat Actors

Sep 16, 2020 8:30:35 AM By Stu Sjouwerman

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding threat actors associated with China’s Ministry of State ...

Ransomware Dominates 41% of all Cyber Insurance Claims in H1 2020

Sep 11, 2020 11:00:51 AM By Stu Sjouwerman

Just-released data from cyber insurer Coalition shows massive increases in both the frequency of ransomware attacks and the ransom demand with Maze and Ryuk leading the way.

Fake Alert Scams: Actually Unwanted Programs

Sep 10, 2020 3:05:22 PM By Stu Sjouwerman

Mobile tech support scams are on the rise, according to researchers at Sophos. These scams are similar to traditional desktop tech support scams, in that they try to frighten the user ...

They're Back: Bad Guys Spoof KnowBe4 Again

Sep 9, 2020 8:19:57 AM By Eric Howes

Earlier this week customers using the Phish Alert Button (PAB) began reporting yet another round of spoofed KnowBe4 security awareness training emails. The emails reported are fairly ...

Contact Tracing: Real and Bogus

Sep 3, 2020 8:35:54 AM By Stu Sjouwerman

Scammers are posing as COVID-19 contact tracers and attempting to trick people into handing over their payment information, NPR reports. The scammers are using phone calls, texts, and ...

[On-Demand] Stump the Shark: Ask Roger Grimes Your Most Burning IT Security Questions!

Sep 3, 2020 7:00:00 AM By Stu Sjouwerman

Have you ever wanted to pick the brain of one of the most prolific IT security experts? Now is your chance! In our “Ask Me Anything” session with Roger Grimes, Data-Driven Defense ...

New Botnet Promising Free Shoes as Phishbait

Sep 2, 2020 8:34:26 AM By Stu Sjouwerman

Researchers at WhiteOps warn that a family of malicious Android apps are spreading a new ad-fraud botnet by promising free shoes and other products to users who install the apps. The ...

Threat Group DeathStalker Uses PowerShell-based Implant Powersing to Hack into Financial Services Firms

Sep 2, 2020 8:23:15 AM By Stu Sjouwerman

Apparently focused on more intelligence gathering than taking direct malicious action against the organizations they compromise, this attack is filled with ingenuity.

August Fresh Content Updates from KnowBe4: Including New Disinformation Training Content for Your Users

Sep 2, 2020 8:16:50 AM By Stu Sjouwerman

Here are a few important feature and fresh content updates to share with you for the month of August.

The Heart has Its Reasons, but Those Shouldn't Become an Enterprise Risk

Sep 1, 2020 8:26:15 AM By Stu Sjouwerman

The FBI has warned that victims of romance scams lost $475 million in 2019, BleepingComputer reports. In Idaho alone, nearly one hundred of these victims lost more than $1 million each. ...

Phishing with Slack-Files.com: Bad Guys Find Yet Another Free Host for Malicious Files

Aug 31, 2020 9:44:00 AM By Eric Howes

Slack, the ubiquitous communication and collaboration platform, has been getting more and more attention over the past few months as a potential phishing platform and target for malicious ...

The U.K. is Under Massive Cyberattack and They Are Nowhere Near Prepared

Aug 28, 2020 4:26:35 PM By Stu Sjouwerman

New insights into the cybersecurity readiness of U.K. organizations shows cyberattacks are plentiful and costly, and there aren’t enough cybersecurity pros to help.

Security Awareness Training Blog