Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

[LIVE DEMO] Are Your Users Making Risky Security Mistakes? Deliver Real-Time Coaching in Response to Risky User Behavior with SecurityCoach

Do you need an easy, automated way to provide real-time feedback the moment your users make risky mistakes to help reinforce the training campaigns you manage today?
Continue Reading

Why BJ Fogg and Daniel Kahneman Are Big Security Pro Must-Knows

You're no stranger to the complexities of safeguarding your organization's digital assets. But have you considered the human element in your security equation? Behavioral economics, ...
Continue Reading

Practical Insights To Improve Security Awareness in Higher Education

I am a strong believer that understanding cybersecurity as part of an organization-wide process is of the utmost importance.
Continue Reading

Deepfakes: The Threat to Reality and How To Defend Against It

Deepfakes have emerged as a serious concern in the digital landscape, presenting a significant threat to truth and trust.
Continue Reading

New Wave of Hospitality Phishing Attacks: Compromise User Credentials, Then Go Phish

The hospitality sector is seeing a new wave of phishing attacks. These new attacks are more plausible because they begin with compromised credentials and move to fraudulent emails sent ...
Continue Reading

[NEW RELEASE]: Unleash the Power of Cybersecurity Education with KnowBe4’s 'Hack-A-Cat' on Roblox

What do cheese, fish and cybersecurity training have in common? Each of these comes together to help keep kids informed about cyber threats and cybersecurity best practices with KnowBe4’s ...
Continue Reading

Cybercriminals Use Google Looker Studio to Host Crypto Scam to Steal Money and Credentials

Security researchers at Check Point have discovered yet another attack that leverages legitimate web applications to host attacks in order to bypass security scanners.
Continue Reading

Tools From Cybercrime Software Vendor W3LL Found to be Behind the Compromise of 56K Microsoft 365 Accounts

A new report uncovers the scope and sophistication found in just one cybercrime vendor’s business that has aided credential harvesting and impersonation attacks for the last 6 years.
Continue Reading

MFA Defenses Fall Victim to New Phishing-As-A-Service Offerings

ZeroFox warns that phishing-as-a-service (PhaaS) offerings are increasingly including features to bypass multi-factor authentication.
Continue Reading

Vanishing Act: The Secret Weapon Cybercriminals Use in Your Inbox

Researchers at Barracuda describe how attackers use legitimate email inbox rules to control compromised accounts and evade detection.
Continue Reading

TikTok Impersonations of Elon Musk Scam Victims of Their Bitcoin

There’s been a surge of Elon Musk-themed cryptocurrency scams on TikTok, BleepingComputer reports. The scammers inform the victims that they can claim their reward after spending a small ...
Continue Reading

Data Breach Costs Rise, But Cybersecurity Pros Still Take Risks

The latest data from IBM shows that the average cost of a data breach has gone up by 2% to a whopping $4.45 million. You would think that in the cybersecurity industry, people would be ...
Continue Reading

Romance Scams That Run Your Crypto Wallet Dry

Scammers are using dating sites to lure victims into phony cryptocurrency investment schemes, according to Sean Gallagher at Sophos.
Continue Reading

The International Joint Commission Falls Victim to Ransomware Attack; 80GB Of Data Stolen

The International Joint Commission (ICJ), an organization that handles water issues along the Canada–United States border, was hit by a ransomware attack, the Register reports.
Continue Reading

Hacker Deepfakes Employee's Voice in Phone Call to Breach IT Company

Last month, Retool, a business software development company, fell victim to a sophisticated cyberattack that compromised 27 of its cloud customers.
Continue Reading

New Scam Impersonates QuickBooks to Steal Credentials, Extract Money

Establishing urgency through a false need to “upgrade” or lose services, this new attack takes advantage of the widespread use of the popular accounting app to attract victims.
Continue Reading

Microsoft (Once Again) Tops the List of Most Impersonated Brands in 2023

Out of the over 350 brands regularly impersonated in phishing attacks, Microsoft continues to stand out because they provide attackers with one unique advantage over other brands.
Continue Reading

Board Members' Lack of Security Awareness Puts Businesses at Risk of Cyber Attacks, Finds Savanti Report

A report from cybersecurity consultancy Savanti reveals that board members are facing challenges in understanding cyber risks, and this has important implications for businesses.
Continue Reading

Can You Guess Common Phishing Themes in Southeast Asia?

Researchers at Cyfirma outline trends in phishing campaigns around the world, finding that Singapore is disproportionately targeted by phishing attacks.
Continue Reading

Microsoft Teams Phishing Campaign Distributes DarkGate Malware

Researchers at Truesec are tracking a phishing campaign that’s distributing the DarkGate Loader malware via external Microsoft Teams messages.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews