[EXCLUSIVE] Indian Cyber Firm Spied on Investors and Politicians Across the Globe

Jun 9, 2020 8:51:41 AM By Stu Sjouwerman

A little-known Indian IT firm offered its phishing services to help clients spy on more than 10,000 email accounts over a period of seven years.

Why BEC Punches Above Its Weight

Jun 9, 2020 8:27:09 AM By Stu Sjouwerman

Business email compromise (BEC) attacks are particularly insidious because they don’t use malware payloads or malicious URLs. That’s a reminder from Evan Reiser, CEO and co-founder of ...

Hurricane Season Means Disaster-Related Scams

Jun 9, 2020 7:00:00 AM By Stu Sjouwerman

June 1 marks the official start of the 2020 Atlantic hurricane season. The Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain on alert for malicious cyber ...

Security Awareness is the Biggest Security Challenge for Remote Workforces

Jun 8, 2020 11:41:03 AM By Stu Sjouwerman

As the dust from enabling employees to work remotely has settles, new data from security vendor PulseSecure highlights where remote security has been – and still is – a challenge.

Why People Don't Learn (It's Not Always Their Fault)

Jun 8, 2020 8:27:48 AM By Stu Sjouwerman

IT and security managers often fail to understand how well their employees actually absorb cybersecurity training, according to a survey from Mimecast and Forrester Consulting. The survey ...

May Content Update: Including New When You Report, We Get Stronger Video Series

Jun 5, 2020 8:00:00 AM By Stu Sjouwerman

Check out new training content added to the KnowBe4 ModStore in the month of May.

Prediction: Ransomware Attacks to Spike as Employees Return to the Office

Jun 5, 2020 7:00:00 AM By Stu Sjouwerman

Because of the nature of ransomware attacks and the mass numbers of workers at home, anti-malware vendor Emisoft believes we’re going to see a rise once work returns to normal.

[HEADS UP] Cybercriminals in Australia Harass Recipients with Abusive Transaction Descriptions on Bank Statements

Jun 4, 2020 4:59:41 PM By Stu Sjouwerman

There are bad guys in Australia that have given away money in order to use social engineering and harass people with abusive transaction descriptions that appear in online banking ...

Excel Macros Bypass Your Filters and Slip in Malware Payloads

Jun 4, 2020 9:56:26 AM By Stu Sjouwerman

Researchers at Lastline warn that attackers are increasingly utilizing Excel 4[.]0 macros to deliver malware while avoiding detection by security products. Excel 4[.]0 (XL4) macros were ...

Remote Work Isn’t Good for Corporate Security (Part 2): 30% of Organizations Have Been the Victim of Phishing Scams Since the Lockdown

Jun 4, 2020 8:24:05 AM By Stu Sjouwerman

Lots of new data is now just coming out of the woodwork demonstrating some of the harsh realities of having employees work from home without proper security in place.

Remote Work Isn’t Good for Corporate Security (Part 1): 6 in 10 Employee’s Online Accounts Have Been Compromised Since Working Remotely

Jun 4, 2020 8:20:45 AM By Stu Sjouwerman

Working from home has its advantages. But, according to new data, one of them isn’t keeping the organization secure.

COVID-19 Tax Refund Phishing Attacks Offering Fake U.K. Government Grants

Jun 3, 2020 9:27:48 AM By Stu Sjouwerman

Researchers at Forcepoint describe an unusual phishing attempt that purported to come from the UK’s tax office, HM Revenue and Customs (HMRC). The email itself was clearly a phishing ...

[Heads Up] The REvil Ransomware Gang Is Now Auctioning Off Their Victim Data

Jun 2, 2020 4:39:34 PM By Stu Sjouwerman

Intrepid investigative Reporter Brian Krebs had the news first. "The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies ...

How Low Will Cybercriminals Go?

Jun 2, 2020 8:58:04 AM By Javvad Malik

Surely Bond villains only exist in movies -- I mean people aren’t truly evil are they? Especially ones who sit behind a computer. This was part of a discussion I was having with my ...

Human Performance as a Risk Factor

Jun 1, 2020 8:25:33 AM By Stu Sjouwerman

Most organizations don’t place enough focus on the human elements of cybersecurity, according to Stephen A. Wilson, Dean Hamilton, and Scott Stallbaum from consulting firm Wilson Perumal ...

Supreme Court “Summons” is the Latest Phishing Attack Aimed at Stealing Your Microsoft 365 Credentials

May 30, 2020 8:31:22 AM By Stu Sjouwerman

Even the Supreme Court isn’t safe from brand impersonation in this scam intent on getting victims to click on a link to a supposed subpoena to attend a hearing.

Verizon: Phishing is the Attack Vector Most Often Seen in Data Breaches

May 30, 2020 8:28:10 AM By Stu Sjouwerman

This year’s much-anticipated Verizon Data Breach Investigations Report sheds some light on how cybercriminals use phishing to achieve their goal of stealing data.

EasyJet Becomes the Latest Victim of Data Breach Impacting 9 Million Customers

May 30, 2020 8:25:32 AM By Stu Sjouwerman

In an apparent attack intent on stealing intellectual property, EasyJet announced that their customer’s personal data had been “accessed” as part of the attack.

[Eye-Opener] More Than Half Of Your Employees Cut Security Corners When They Work Remote

May 29, 2020 1:18:20 PM By Stu Sjouwerman

More than half of your employees are cutting corners with regards to cybersecurity while working from home, putting your organisation at risk. The coronavirus pandemic has forced all of ...

Beware of Phony LogMeIn Security Updates

May 27, 2020 9:32:29 AM By Stu Sjouwerman

Researchers at Abnormal Security warn that a phishing campaign is trying to steal LogMeIn remote desktop credentials. The attackers are sending phishing emails that purport to come from ...

Security Awareness Training Blog