Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.
Providing users with Security Awareness Training is a critical part of a security strategy. According to the latest data from SANS, more organizations are using awareness training in 2019.
Social Engineering tactics seek to use any means that’s familiar to the intended victim – and unsubscribing is perceived as being so benign, it may just be the perfect way to fool your ...
Last month saw a number of utility sector businesses targeted with spear phishing attacks that utilize a new remote access Trojan (RAT) that provides attackers with admin access.
StateScoop reports: "Citing several recent ransomware attacks at the state and local levels, Georgia Gov. Brian Kemp this week issued an executive order instructing state employees to ...
By Eric Howes, KnowBe4 Principal Lab Researcher. Malicious actors are becoming very skilled at exploiting popular online services that enjoy the familiarity and trust of millions of ...
A survey by Barracuda found that one in seven organizations experienced lateral phishing attacks over the course of seven months, and that 42% of these attacks were not reported by ...
Brian Krebs has reported that a dubious Internet provider, “Resnet,” was renting out tens of thousands of residential IP addresses to be used as proxies by fraudsters and spammers. ...
DarkReading reports: "Ransomware masquerading as game "cheats" is hitting Fortnite players. Fortunately, there are ways to recover without paying a ransom." Similar to phishing attacks on ...
The long-standing argument over whether or not to pay may have come to an end, with a resolution from the U.S. Conference of Mayors calling on cities to not pay up.
Overtaking wire transfers and payroll diversion, gift cards have taken a material lead as one of the easiest and least recoverable ways to cash out of a fraud scam.
In light of the recent string of attacks that seem to be targeting government agencies and municipalities, a new multi-agency press release provides guidance on how to be resilient.
A phishing scam is stealing Steam accounts by promising free games to victims if they log in to a website with their Steam credentials, according to a recent post by BleepingComputer.
Business email compromise (or CEO fraud) has its reconnaissance phase, too. Researchers at Agari say they’ve found that blank, unsolicited emails are often an early sign that a BEC gang ...
August 16, 2019 - Randy Maniloff wrote about Kevin in the WSJ "Weekend Interview". It's a great article that covers his start as a teenage hacker, how he wound up in jail, and how he ...
There are too many ransomware attacks to ignore the similarities. It’s either government networks are easy prey, or someone is trying to cash out on the U.S., one attack at a time.
The success of social engineering as part of phishing and spear phishing attacks has caused organizations to realize they need an effective tactic to make employees vigilant.
BleepingComputer has come across a phishing campaign that’s spoofing “Unusual sign-in” warnings from Microsoft to steal users’ credentials. The emails look nearly identical to Microsoft’s ...
...they can still be helping the bad guys compromise your organization. Sad but true.
Led by internet privacy researchers Noam Rotem and Ran Locar, vpnMentor’s team recently discovered a huge data breach in biometrics security platform BioStar 2. Once stolen, fingerprint ...
A new survey by Nationwide Insurance found that while 83 percent of small businesses let their employees work from home when necessary, one-fifth of these companies don’t provide ...
