Discovered This Year: 5,334 Kits Offering Evasive Criminal Phishing-as-a-Service

Jul 8, 2019 8:00:00 AM By Stu Sjouwerman

Commodity phishing kits are making it easier for unskilled criminals to run sophisticated phishing campaigns for a low price, according to a report from cloud security provider Cyren.

[Heads-up] IT Pros In The Trenches Of Iran And China's New Cyber War Against The U.S.

Jul 8, 2019 8:00:00 AM By Stu Sjouwerman

You did not sign up for this, but you are finding yourself in the trenches of a cyber war which is slowly but surely moving from a cold to a hot stage. The latest development is that the ...

“Lack of Security Awareness” a Major Reason Why Financial Firms Are 300 Time More Likely to Fall Prey to Cyberattacks

Jul 8, 2019 8:00:00 AM By Stu Sjouwerman

The bad guys always go where the money is. And financial firms are grossly ill-prepared for cyberattacks and suffer higher costs in addressing successful attacks. Boston Consulting Group ...

80% of all Brand Deception Phishing Scams Targeting Execs Pretend to be Microsoft

Jul 8, 2019 8:00:00 AM By Stu Sjouwerman

The prevalence of Office 365 and the Windows OS has caused cybercriminals to choose the software titan as their primary brand used in identity deception phishing scams.

Over Half of Employees Don’t Adhere to Email Security Protocols

Jul 5, 2019 10:18:37 AM By Stu Sjouwerman

A new survey by Barracuda Networks shows that the vast majority (87%) of decision makers believe email threats will rise in the coming year. However, companies are ill-prepared to defend ...

Globally, One-Third of Organizations Experience Ransomware Attacks Weekly

Jul 3, 2019 10:44:18 AM By Stu Sjouwerman

The latest data from Australian telecommunications provider Telstra shows ransomware is running rampant, with security breaches not far behind in frequency.

Cyber Crime Refines Their Social Engineering Tactics

Jul 2, 2019 9:43:52 AM By Stu Sjouwerman

Attackers are improving their strategies by accounting for new developments in technology, Help Net Security reports. Researchers at FireEye analyzed 1.3 billion phishing emails and ...

Enter Facebook's Libra, with Scammers in its Train

Jul 2, 2019 8:49:03 AM By Stu Sjouwerman

Within twenty-four hours of Facebook’s announcement of its new Libra cryptocurrency and Calibra digital wallet, more than three-hundred sites were registered with domain names associated ...

Dridex Credential Stealer Returns With New Antivirus Evasion - Including Application Whitelisting

Jul 1, 2019 4:41:32 PM By Stu Sjouwerman

SCMag reported that a new strain of the notorious Dridex malware has been spotted using polymorphism antivirus evasion techniques in phishing emails. The Dridex credential-stealer that ...

Brand-New Tool: Social Media Phishing Test Checks for Users Vulnerable to Social Media Related Attacks

Jul 1, 2019 9:47:08 AM By Stu Sjouwerman

Phishing is still the #1 threat action used in social engineering attacks, and spear phishing, in particular, takes advantage of your users’ socially networked lives.

Instagram Vanity Makes for Vulnerability

Jul 1, 2019 9:34:08 AM By Stu Sjouwerman

Scammers are targeting Instagram users with phony offers to verify their accounts in order to receive Instagram’s blue checkmark, Threatpost reports. Researchers at Sucuri came across a ...

New Malware Pretends to Be You by Matching Your Keystroke Characteristics

Jul 1, 2019 8:32:33 AM By Stu Sjouwerman

Cybersecurity researchers have developed a new keystroke impersonation attack that avoids being detected by keystroke-based biometric security solutions.

Microsoft Kills Password Expiration Policy Recommendation with Latest Security Baseline for Windows 10

Jul 1, 2019 8:28:52 AM By Stu Sjouwerman

This change from Microsoft highlights the need for organizations to readdress the user-based insecurity of passwords caused by password expirations.

KnowBe4 Fresh Content and Feature Updates - June 2019

Jun 28, 2019 10:24:07 AM By Stu Sjouwerman

Check out the content and feature updates in the KnowBe4 platform for the month of June!

Chinese Hackers Infiltrate Global Telecom Networks With Spear Phishing

Jun 25, 2019 6:59:27 AM By Stu Sjouwerman

The WSJ revealed a brazen hack by Chinese state-sponsored bad actors who totally owned more than 10 global telecom networks, and had full admin access to their networks. They were able to ...

[NEW FEATURE] KnowBe4 User Event API Helps You Tailor Security Awareness Training Based on Custom User Risk Events

Jun 24, 2019 10:14:37 AM By Stu Sjouwerman

You already know the importance of frequent year-round simulated phishing attacks and security awareness training for your users to help you build a more resilient and secure ...

Phishing Attacks Go Mobile as Cybercriminals Leverage Push Notifications

Jun 24, 2019 7:07:42 AM By Stu Sjouwerman

Taking advantage of the inherent trust in mobile content, the bad guys are using a mixture of phishing text messages and look-alike sites to trick users into giving up credentials.

[Heads-up] The U.S. Launched A Cyber Attack On Iran, And We're Expecting Spear Phishing Strike Backs

Jun 23, 2019 11:30:59 AM By Stu Sjouwerman

The tension in the Middle-East apparently prompted a game-changing move by the U.S. President. Washington Post sources say exactly 10 years after Stuxnet, the President approved a ...

UK Forensic Crime Labs Shut Down Due To Ransomware Attack

Jun 22, 2019 10:48:19 AM By Stu Sjouwerman

Every police force across England and Wales has been forced to prioritize evidence for forensic testing following a criminal cyber attack affecting one of the primary forensic service ...

FBI Alert: Last Week Conflict With Iran Can Cause Spear Phishing Retaliation

Jun 22, 2019 10:34:21 AM By Stu Sjouwerman

This blog post has been superseded by a more recent one. You can find this new post here.

Security Awareness Training Blog