Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

Is it a Quiz Scam? Is it Bad? Is it Back With a Vengeance?

The answer to all three questions would seem to be, "yes." Quiz scams have become widespread over the past year, but they’ve gone largely unremarked, researchers at Akamai have found. ...
Continue Reading

July Fresh Content Updates from KnowBe4: Including New Recommended Training Suggestions in the ModStore

Here are a few important fresh content and feature updates to share with you for the month of July.
Continue Reading

[MOST WANTED] Criminal Hacker Of The Week: Maksim Viktorovich Yakubets

The FBI said: The United States Department of State’s Transnational Organized Crime Rewards Program is offering a reward of up to $5 million for information leading to the arrest and/or ...
Continue Reading

Introduction To KnowBe4's Services

KnowBe4 helps organizations to educate and train their employees against social engineering attacks, and carry out other required compliance training. KnowBe4 offers over 1,000 different ...
Continue Reading

The Recent Massive Twitter Social Engineering Hack Was Tried And True Pretexting

The verge reported: "Twitter provided an update about the unprecedented July 15th attack that allowed hackers to tweet from some of the most high-profile accounts on the service, in a ...
Continue Reading

Wake-up Call: New Study from PWC Exposes Terrifying End-User Security Practices that will Keep Your CISO Up at Night

I just finished reading PwC’s latest Workforce Pulse Study – and you should be scared. This study of more than 1,100 American workers provides an in-depth look at the ...
Continue Reading

[HEADS UP] North Korean Cybercriminals Use Fake Recruitment Emails in Phishing Scam

North Korean hackers have been following that bit of social engineering wisdom to a T. According to researching from McAfee, a months long phishing campaign against aerospace and defense ...
Continue Reading

[HEADS UP] Coronavirus Scams in the U.K. You Should be Wary Of

According to a recent report from BBC News, the bad guys are using the coronavirus pandemic to use social engineering to trick people out of their cash.
Continue Reading

1 in 3 Employees Rarely or Never Think About Cybersecurity

Eye-opening data around the impact of human error demonstrates how simple user mistakes can compromise your organization’s cybersecurity posture.
Continue Reading

Sawfish Spearphishing Attacks Continue, Prompting Password Resets on GitHub and DeepSource

A new wave of attacks on GitHub users via app developer DeepSource has raised concerns over access to user credentials and development code.
Continue Reading

New CONTI Ransomware Family Touts Faster Encryption, Better Obfuscation, More Control

Just when you thought ransomware couldn’t sport something new, the latest family discovered by VMware’s Threat Analysis Unit shows significant advances in capabilities and execution.
Continue Reading

Social Engineering from an Actuarial Point of View

Employees need to maintain their security habits while working from home, emphasizes Scott Godes, a partner at Barnes & Thornburg. On the CyberWire’s Caveat podcast, Godes explained ...
Continue Reading

REvil Criminal Ransomware Syndicate Attacks Spanish State-Owned Railway Operator Again!

As world-wide concern continues to grow over the threat of potential attacks on critical infrastructure, REvil goes after and bites a Railway Operator once again! The Daly Swig reports ...
Continue Reading

NEW 2020 Security Culture Survey Now Available

Now live in the ModStore is the latest version of our assessment for evaluating your information security culture, the 2020 Security Culture Survey.
Continue Reading

Vanity, Thy URL is Zoom

Zoom has fixed a security flaw that could have allowed attackers to launch hard-to-spot phishing attacks using the platform, according to researchers at Check Point who discovered and ...
Continue Reading

Are Account Takeovers Driving Towards a Passwordless Future?

The bad guys will try to take over accounts all the time. Logging onto someone's account with their credentials is usually a whole lot easier than trying to compromise the website ...
Continue Reading

Voicemail-Themed Phishing Attacks on the Rise

Researchers at Zscaler warn of an increase in voicemail-themed phishing campaigns designed to steal credentials for enterprise applications. The emails purport to be automatically ...
Continue Reading

[Heads up]  CISA And NSA Urge “Immediate Action” To Secure National Critical Infrastructure

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have issued a joint advisory warning that foreign hackers are targeting systems that ...
Continue Reading

BEC is the Largest Cyber Threat to UK Sports Entities

The UK’s National Cyber Security Centre (NCSC) released a new report revealing that sports organizations are more than twice as likely to suffer a cyberattack than organizations in other ...
Continue Reading

[HEADS UP] Cyber Attack at University of York Steals Personal Information from Staff and Students

In a recent report by the York Press, University of York has launched an investigation after personal information of students and staff was obtained by the bad guys.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews