The Good, the Better, and the Best in Information Security

Dec 31, 2019 12:16:27 PM By James McQuiggan

Every day, there is news about the latest data breaches, phishing attacks, the number of records that were exposed, how organizations are not doing enough to protect themselves. All of ...

[LEGAL ALERT] What You May Have Overlooked in the Run Up to CCPA Compliance

Dec 27, 2019 12:04:30 PM By Stu Sjouwerman

LAW.COM had a very good reminder that you really need to keep in mind. Here is an extract: "With just days to go before the California Consumer Privacy Act (CCPA) compliance date, some ...

PayPal Scammers Want More than Just Your PayPal Credentials

Dec 27, 2019 9:30:25 AM By Stu Sjouwerman

Researchers at ESET have come across phishing sites that try to steal PayPal logins along with a wide range of personal and financial information. The scam begins with phishing emails ...

Veterans are High-Payoff Social Engineering Targets for Scammers

Dec 27, 2019 9:05:27 AM By Stu Sjouwerman

Veterans are particularly valuable targets for various types of social engineering attacks, according to Mary K. Talbot at the Providence Journal. Veterans are often respected leaders in ...

FBI Issues Alert For "Sleeper" LockerGoga and MegaCortex Ransomware

Dec 26, 2019 2:37:28 PM By Stu Sjouwerman

The FBI has issued a warning to private industry recipients to provide information and guidance on the LockerGoga and MegaCortex Ransomware.

How Phishing is Evolving

Dec 23, 2019 10:10:12 AM By Stu Sjouwerman

Attackers are always using new tactics to stay ahead of defenders, and Microsoft’s Office 365 Threat Research Team describes three noteworthy phishing techniques they’ve observed in 2019. ...

Whaling: Like Phishing, but After Bigger Game

Dec 23, 2019 9:55:53 AM By Stu Sjouwerman

Organizations have to acknowledge their responsibility for ensuring their employees are able to recognize targeted phishing attacks, according to James McGachie, Legal Director of DLA ...

Top 9 IT Security Trends You Need to Watch Out For in 2020

Dec 20, 2019 10:12:12 AM By Stu Sjouwerman

Cyber security and security awareness training landscapes are constantly changing. IT Professionals, like you, always need to know what is coming next in order to build (and maintain) ...

Royal Mail Scam: Sorry, You Haven't in Fact Won that iPhone 11 Pro

Dec 19, 2019 9:42:55 AM By Stu Sjouwerman

An SMS phishing scam is targeting people in the UK with fake notifications that appear to come from the Royal Mail postal service, The Sun reports. The messages are personalized, and they ...

Dancing with Hackers

Dec 19, 2019 9:25:11 AM By Javvad Malik

Dancing with the Stars pro Witney Carson announced on Twitter that her Facebook account had been hacked. Unknown miscreants gained control of Carson’s Facebook through a unique phishing ...

Financial Advisor Fined After Falling for BEC Scam

Dec 18, 2019 8:23:32 AM By Stu Sjouwerman

The Financial Industry Regulatory Authority (FINRA) fined and temporarily suspended a financial advisor working for UBS after he was tricked into transferring $511,870 from a client’s ...

Mysterious Global Phishing Campaign Uncovered

Dec 13, 2019 5:55:48 PM By Stu Sjouwerman

A mysterious phishing campaign was spotted by threat researchers from Anomali. The global credential gathering phishing campaign was directed primarily at government procurement ...

67% of UK Employees Flout Internal IT Security Rules

Dec 12, 2019 8:35:50 AM By Stu Sjouwerman

Businesses are leaving themselves unnecessarily exposed to significant security risks, it’s claimed by a cloud and IT business continuity services company, According to Databarracks’ data ...

New Ransomware Attack Reboots Systems into Safe Mode to Bypass Antivirus!

Dec 10, 2019 11:15:48 AM By Stu Sjouwerman

The latest strain of Snatch ransomware performs a devious task to ensure tools designed to protect against ransomware are nowhere to be found during encryption.

5 Things You May Not Know About Security Awareness Training

Dec 9, 2019 7:00:00 AM By Perry Carpenter

By Perry Carpenter, KnowBe4 Chief Evangelist and Strategy Officer. Let me open by making an observation: the discipline of security awareness training is chock-full of assumptions and ...

KnowBe4 Content Updates and New Resources - November 2019

Dec 6, 2019 11:00:00 AM By Stu Sjouwerman

We've got a few important updates to share with you for the month of November!

[Heads Up] Iran Has Launched Evil New Malware That Wipes Your Windows Workstations

Dec 5, 2019 8:16:15 AM By Stu Sjouwerman

Zak Doffman posted: "Iran’s state-sponsored hackers have deployed a new strain of malicious malware, warns IBM, which has been aimed at the “industrial and energy sectors” in the Middle ...

You Have Not Suffered A Data Breach But How Do You Prevent Credential-Stuffing Attacks?

Dec 5, 2019 7:02:26 AM By Stu Sjouwerman

Frequent data breaches and the widespread availability of automated tools to take advantage of the compromised information have greatly increased the efficiency of credential stuffing ...

Europol Finds Majority of Attack Groups Rely on Spear Phishing as Primary Infection Vector

Dec 4, 2019 6:52:41 AM By Stu Sjouwerman

A new report from Europol’s European Cybercrime Center (EC3) breaks down how targeted phishing attacks are being done, and how to avoid becoming a victim.

Gift Card Scams are Decreasing in Light of Other Business Email Compromise Scams

Dec 4, 2019 6:48:49 AM By Stu Sjouwerman

New data from email security vendor Agari shows Business Email Compromise (BEC) attacks shifting tactics last quarter, in favor of scams resulting in larger payouts.

Security Awareness Training Blog