Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

Beware of Bogus Roborock Retailers: The Perils of Misleading URLs in E-Commerce

Roborock's online storefronts have been used for cybercrime schemes in the past, and it seems attackers are continuing to create fake online shops. After all, the Chinese-originated robot ...
Continue Reading

New Cyber Attack Techniques Will Not Replace Old-School Social Engineering

Even though there are new attack types for cybercriminals, they are still leveraging old-school attack vectors. Why? Because they still work.
Continue Reading

Business Email Compromise Attempts Skyrocket in the Last Year

Threat actors launched 156,000 business email compromise (BEC) attempts per day between April 2022 and April 2023, according to Microsoft’s latest Digital Defense Report. While most of ...
Continue Reading

KnowBe4 Named a Leader in the Fall 2023 G2 Grid Report for Security Awareness Training

We are thrilled to announce that KnowBe4 has been named a leader in the latest G2 Grid Report that compares security awareness training (SAT) vendors based on user reviews, customer ...
Continue Reading

Register for KB4-CON EMEA 2023 Now!

Exciting news, registration for KB4-CON EMEA 2023 is open!
Continue Reading

Ransomware Attack Dwell Time Drops by 77% to Under 24 Hours

As attackers evolve their toolsets and processes, the significant drop in dwell time signifies a much higher risk to organizations that now have less time to detect and respond to initial ...
Continue Reading

One Out of Five Organizations Must Improve Their Security Posture to be Eligible for Cyber Insurance

As insurers become more educated on what a “secure organization” looks like, they are tightening their requirements that puts the onus on organizations to be more secure.
Continue Reading

Clorox Experiences Significant Financial Loss Stemming From Recent Cyber Attack

American global manufacturer of cleaning products Clorox stated that recent sales and profit loss were related to a cyber attack.
Continue Reading

New Gartner Forecast Shows Global Security and Risk Management Spending to Increase by 14% in 2024

Gartner issued a press release that forecasted global security and risk management end-user spending to reach $188.1 billion, along with worldwide end-user spending on security and risk ...
Continue Reading

Senior Executives Beware: The Rise of EvilProxy Phishing Campaigns

Menlo Security warns that a social engineering campaign is using the EvilProxy phishing kit to target senior executives across a range of industries, including banking and financial ...
Continue Reading

Open-Source Intelligence (OSINT): Learn the Methods Bad Actors Use to Hack Your Organization

They are out there, watching and waiting for an opportunity to strike; the bad actors who have carefully researched your organization in order to set the perfect trap using easily found ...
Continue Reading

Generative AI and the Automation of Social Engineering Increasingly Used By Threat Actors

Threat actors continue to use generative AI tools to craft convincing social engineering attacks, according to Glory Kaburu at Cryptopolitan.
Continue Reading

Lazarus Attack on Spanish Aerospace Company Started with Messages from Phony Meta Recruiters

A recent attack on an undisclosed Spanish aerospace company all started with messages to the company's employees that appeared to be coming from Meta recruiters, via LinkedIn Messaging. ...
Continue Reading

New SMS Phishing Campaign Impersonating The US Postal Service

DomainTools is tracking an increase in SMS phishing (or “smishing”) campaigns impersonating the US Postal Service (USPS). The text messages inform recipients that there’s a problem with ...
Continue Reading

Security Awareness Is Dead. Long Live Security Awareness

Our actions determine outcomes, not our thoughts, our knowledge, or our intentions.
Continue Reading

Your KnowBe4 Fresh Content Updates from September 2023

Check out the 66 new pieces of training content added in September, alongside the always fresh content update highlights, events and new features.
Continue Reading

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Continue Reading

Ransomware Now Considered a “Crisis” in the Financial Services Sector

A recent panel discussion of banking CISOs and experts at the SIBOS conference focused on the current state of ransomware and what institutions should do to protect themselves.
Continue Reading

It’s Official – Generative AI Has Made Phishing Emails Foolproof

The most basic use of tools like ChatGPT to script out professional-looking emails has all but eliminated improperly written content as an indicator of a potential phishing scam.
Continue Reading

Threat Group UNC3944 Continues to See Success Using Text-Based Social Engineering

A new update on UNC3944 group's activities shows how they are evolving their focus squarely on SMiShing credential harvesting attacks that result in data theft/extortion attacks.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews