A Case of Password Spraying

May 31, 2019 8:00:00 AM By Stu Sjouwerman

Citrix last month confirmed the FBI’s suspicions that hackers had used a technique known as “password spraying” to compromise the company’s networks before stealing a massive amount of ...

Impersonation Phishing Attacks Up 67% in Last 12 Months

May 31, 2019 8:00:00 AM By Stu Sjouwerman

Social engineering attacks using impersonation tactics increased by 67% over the past twelve months, according to Mimecast’s annual State of Email Security report. Mimecast surveyed more ...

Why KnowBe4 Is The Only True Global Security Awareness Training Vendor

May 29, 2019 3:37:10 PM By Stu Sjouwerman

Security awareness, by its very nature, relies on communication. And that communication, in turn, relies on clarity so that it can be fully understood and applied by the learner. To be ...

Red Flags Warn of Social Engineering

May 29, 2019 7:54:53 AM By Stu Sjouwerman

The easiest way to avoid falling for scams and other social engineering attacks is to have an understanding of the tactics employed by attackers, according to Roger A. Grimes, writing in ...

Phishing Canadian Targets

May 28, 2019 2:34:49 PM By Stu Sjouwerman

We have recently blogged about KrebsOnSecurity's story on compromised Canadian business email addresses. Here is some updated background on threats to Canadian organizations.

A Single Tweet Saw One Woman's Bank Account Entirely Wiped Out

May 28, 2019 9:36:02 AM By Stu Sjouwerman

Dean Dunham at The Mirror in the UK reported: "Social media is often disgruntled customers first port of call when they want to make a complaint about goods or services these days, but ...

“Monster” Data Breaches Result in an Average Cost of $347 Million

May 28, 2019 8:00:00 AM By Stu Sjouwerman

Data breaches in the hundreds of millions of records have made the news over the last two years. The latest report from Bitglass covers the results and repercussions of the breaches.

Over 10 Million People Hit In Single Australian Data Breach

May 28, 2019 8:00:00 AM By Stu Sjouwerman

The Office of the Australian Information Commissioner's (OAIC) quarterly data breach report also revealed private health was again the country's most affected sector.

UK Says It Warned 16 Nato Allies Of Russian Hacking Activities

May 28, 2019 8:00:00 AM By Stu Sjouwerman

The UK has shared information on Russian hacking attacks with 16 NATO allies over the last 18 months, a British government official said today. "I can disclose that in the last 18 months, ...

72 Percent Of Cyber Security Professionals Have Considered Quitting Over Lack Of Resources

May 28, 2019 8:00:00 AM By Stu Sjouwerman

Ian Barker at Betanews commented on something astounding.

[Heads-up] Scary Phishing Attack Uses Legal Threats From Law Firm

May 25, 2019 10:38:15 AM By Stu Sjouwerman

Brian Krebs just posted the following alert: "Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the ...

Employees Don’t Take USB Security Seriously, Putting Organizations at Risk

May 23, 2019 2:29:40 PM By Stu Sjouwerman

USB devices continue to be a necessity for employees, an entry point for attackers, and an insecure medium to connect the two, spelling trouble for organizations.

U.S. Department of Homeland Security Issues List of Office 365 Security Vulnerabilities and Best Practices

May 23, 2019 2:26:17 PM By Stu Sjouwerman

The latest Analysis Report covers both areas of concern around Office 365 configurations that impact security, and offers up some simple recommendations to shore up vulnerabilities.

KnowBe4 Acquires CLTRe; Shines Spotlight on Security Culture Measurement

May 21, 2019 7:59:51 AM By Stu Sjouwerman

I'm happy to announce our acquisition of CLTRe, which we feel demonstrates the importance of managing the human risk. We’re excited to welcome Kai and the CLTRe team to the KnowBe4 family ...

[On-Demand Webinar] Empowering Your Human Firewall: The Art & Science of Secure Behavior

May 20, 2019 9:45:00 AM By Stu Sjouwerman

You know that "security awareness" is key to a comprehensive security strategy. But just because someone is aware doesn't mean they care. So how can you design programs that work with, ...

“Hack for Hire” Groups Offer Single Account Break-In Services For Just $750

May 20, 2019 9:32:47 AM By Stu Sjouwerman

Along with everything else malicious that’s available “as-a-Service”, the latest addition takes the burden of trying to initially hack an organization off of the plate of would-be ...

Global GozNym Takedown Shows The Anatomy Of A Modern Cybercrime Supply Chain

May 17, 2019 7:12:21 AM By Stu Sjouwerman

By Javvad Malik, our new Security Awareness Advocate for EMEA. A multi-national collaborative law enforcement effort has arrested individuals allegedly behind Nymaim and Gozi, also known ...

Account Takeover Attacks Increase as Cybercriminals Fine-Tune Their Brand Impersonation, Social Engineering, and Phishing Skills

May 17, 2019 6:35:31 AM By Stu Sjouwerman

The latest Spear Phishing Report from Barracuda highlights how cybercriminals are systematically improving their game… and are becoming more successful for it. The capturing of user ...

6 Signs You’ve Successfully Created a Security Culture

May 17, 2019 6:31:36 AM By Stu Sjouwerman

Security culture is much more than just IT policies and processes; it requires buy-in and participation from every user. Learn 6 ways to tell if you’re on the right path to building a ...

What's Wrong With The New Bill That Proposes Cyber Security Training for U.S. House Members?

May 14, 2019 2:18:44 PM By Stu Sjouwerman

A bill introduced last week requires all members, officers and employees of the U.S. House of Representatives to undergo cybersecurity training.

Security Awareness Training Blog