Introduction To KnowBe4's Services

Jul 31, 2020 2:30:01 PM By Stu Sjouwerman

KnowBe4 helps organizations to educate and train their employees against social engineering attacks, and carry out other required compliance training. KnowBe4 offers over 1,000 different ...

The Recent Massive Twitter Social Engineering Hack Was Tried And True Pretexting

Jul 31, 2020 11:50:57 AM By Stu Sjouwerman

The verge reported: "Twitter provided an update about the unprecedented July 15th attack that allowed hackers to tweet from some of the most high-profile accounts on the service, in a ...

Wake-up Call: New Study from PWC Exposes Terrifying End-User Security Practices that will Keep Your CISO Up at Night

Jul 31, 2020 7:32:56 AM By Perry Carpenter

I just finished reading PwC’s latest Workforce Pulse Study – and you should be scared. This study of more than 1,100 American workers provides an in-depth look at the ...

[HEADS UP] North Korean Cybercriminals Use Fake Recruitment Emails in Phishing Scam

Jul 31, 2020 7:00:00 AM By Stu Sjouwerman

North Korean hackers have been following that bit of social engineering wisdom to a T. According to researching from McAfee, a months long phishing campaign against aerospace and defense ...

[HEADS UP] Coronavirus Scams in the U.K. You Should be Wary Of

Jul 29, 2020 1:06:20 PM By Stu Sjouwerman

According to a recent report from BBC News, the bad guys are using the coronavirus pandemic to use social engineering to trick people out of their cash.

1 in 3 Employees Rarely or Never Think About Cybersecurity

Jul 29, 2020 11:36:24 AM By Stu Sjouwerman

Eye-opening data around the impact of human error demonstrates how simple user mistakes can compromise your organization’s cybersecurity posture.

Sawfish Spearphishing Attacks Continue, Prompting Password Resets on GitHub and DeepSource

Jul 29, 2020 11:34:04 AM By Stu Sjouwerman

A new wave of attacks on GitHub users via app developer DeepSource has raised concerns over access to user credentials and development code.

New CONTI Ransomware Family Touts Faster Encryption, Better Obfuscation, More Control

Jul 29, 2020 11:29:52 AM By Stu Sjouwerman

Just when you thought ransomware couldn’t sport something new, the latest family discovered by VMware’s Threat Analysis Unit shows significant advances in capabilities and execution.

Social Engineering from an Actuarial Point of View

Jul 29, 2020 8:32:40 AM By Stu Sjouwerman

Employees need to maintain their security habits while working from home, emphasizes Scott Godes, a partner at Barnes & Thornburg. On the CyberWire’s Caveat podcast, Godes explained ...

REvil Criminal Ransomware Syndicate Attacks Spanish State-Owned Railway Operator Again!

Jul 28, 2020 3:43:13 PM By Stu Sjouwerman

As world-wide concern continues to grow over the threat of potential attacks on critical infrastructure, REvil goes after and bites a Railway Operator once again! The Daly Swig reports ...

NEW 2020 Security Culture Survey Now Available

Jul 28, 2020 11:15:00 AM By Stu Sjouwerman

Now live in the ModStore is the latest version of our assessment for evaluating your information security culture, the 2020 Security Culture Survey.

Vanity, Thy URL is Zoom

Jul 28, 2020 8:23:32 AM By Stu Sjouwerman

Zoom has fixed a security flaw that could have allowed attackers to launch hard-to-spot phishing attacks using the platform, according to researchers at Check Point who discovered and ...

Are Account Takeovers Driving Towards a Passwordless Future?

Jul 27, 2020 10:00:39 AM By Javvad Malik

The bad guys will try to take over accounts all the time. Logging onto someone's account with their credentials is usually a whole lot easier than trying to compromise the website ...

Voicemail-Themed Phishing Attacks on the Rise

Jul 27, 2020 8:21:37 AM By Stu Sjouwerman

Researchers at Zscaler warn of an increase in voicemail-themed phishing campaigns designed to steal credentials for enterprise applications. The emails purport to be automatically ...

[Heads up] CISA And NSA Urge “Immediate Action” To Secure National Critical Infrastructure

Jul 25, 2020 11:05:53 AM By Stu Sjouwerman

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have issued a joint advisory warning that foreign hackers are targeting systems that ...

BEC is the Largest Cyber Threat to UK Sports Entities

Jul 24, 2020 8:55:13 AM By Stu Sjouwerman

The UK’s National Cyber Security Centre (NCSC) released a new report revealing that sports organizations are more than twice as likely to suffer a cyberattack than organizations in other ...

[HEADS UP] Cyber Attack at University of York Steals Personal Information from Staff and Students

Jul 23, 2020 12:50:24 PM By Stu Sjouwerman

In a recent report by the York Press, University of York has launched an investigation after personal information of students and staff was obtained by the bad guys.

Don't Overlook Policy When Designing Security

Jul 23, 2020 8:30:53 AM By Stu Sjouwerman

There’s no single defense against phishing and other social engineering attacks, according to Kevin O’Brien, CEO and co-founder of email security company GreatHorn. On the CyberWire’s ...

I Testified Before U.S. Congress About COVID-19 Phishing Scams

Jul 22, 2020 8:51:55 PM By Stu Sjouwerman

Yesterday, July 21, 2020 I testified before U.S. congress about COVID-19 phishing scams. I was invited by the Senate Commerce Committee's subcommittee on manufacturing, trade, and ...

KnowBe4 Releases New Training Module: Face Masks At Work: 8 Essential Tips

Jul 22, 2020 1:58:03 PM By Stu Sjouwerman

Our team has been working on building a whole new course library of new compliance topics that will likely release sometime in 2021.

Security Awareness Training Blog