New Wave of Hospitality Phishing Attacks: Compromise User Credentials, Then Go Phish

Sep 25, 2023 9:54:21 AM By Stu Sjouwerman

The hospitality sector is seeing a new wave of phishing attacks. These new attacks are more plausible because they begin with compromised credentials and move to fraudulent emails sent ...

[NEW RELEASE]: Unleash the Power of Cybersecurity Education with KnowBe4’s 'Hack-A-Cat' on Roblox

Sep 25, 2023 8:30:00 AM By Stu Sjouwerman

What do cheese, fish and cybersecurity training have in common? Each of these comes together to help keep kids informed about cyber threats and cybersecurity best practices with KnowBe4’s ...

Cybercriminals Use Google Looker Studio to Host Crypto Scam to Steal Money and Credentials

Sep 25, 2023 8:15:00 AM By Stu Sjouwerman

Security researchers at Check Point have discovered yet another attack that leverages legitimate web applications to host attacks in order to bypass security scanners.

Tools From Cybercrime Software Vendor W3LL Found to be Behind the Compromise of 56K Microsoft 365 Accounts

Sep 25, 2023 8:00:00 AM By Stu Sjouwerman

A new report uncovers the scope and sophistication found in just one cybercrime vendor’s business that has aided credential harvesting and impersonation attacks for the last 6 years.

MFA Defenses Fall Victim to New Phishing-As-A-Service Offerings

Sep 25, 2023 8:00:00 AM By Stu Sjouwerman

ZeroFox warns that phishing-as-a-service (PhaaS) offerings are increasingly including features to bypass multi-factor authentication.

Vanishing Act: The Secret Weapon Cybercriminals Use in Your Inbox

Sep 21, 2023 11:57:30 AM By Stu Sjouwerman

Researchers at Barracuda describe how attackers use legitimate email inbox rules to control compromised accounts and evade detection.

TikTok Impersonations of Elon Musk Scam Victims of Their Bitcoin

Sep 20, 2023 9:07:37 AM By Stu Sjouwerman

There’s been a surge of Elon Musk-themed cryptocurrency scams on TikTok, BleepingComputer reports. The scammers inform the victims that they can claim their reward after spending a small ...

Data Breach Costs Rise, But Cybersecurity Pros Still Take Risks

Sep 20, 2023 8:10:03 AM By Stu Sjouwerman

The latest data from IBM shows that the average cost of a data breach has gone up by 2% to a whopping $4.45 million. You would think that in the cybersecurity industry, people would be ...

Romance Scams That Run Your Crypto Wallet Dry

Sep 19, 2023 9:31:19 AM By Stu Sjouwerman

Scammers are using dating sites to lure victims into phony cryptocurrency investment schemes, according to Sean Gallagher at Sophos.

The International Joint Commission Falls Victim to Ransomware Attack; 80GB Of Data Stolen

Sep 18, 2023 12:04:34 PM By Stu Sjouwerman

The International Joint Commission (ICJ), an organization that handles water issues along the Canada–United States border, was hit by a ransomware attack, the Register reports.

Hacker Deepfakes Employee's Voice in Phone Call to Breach IT Company

Sep 15, 2023 10:20:40 AM By Stu Sjouwerman

Last month, Retool, a business software development company, fell victim to a sophisticated cyberattack that compromised 27 of its cloud customers.

New Scam Impersonates QuickBooks to Steal Credentials, Extract Money

Sep 15, 2023 10:20:14 AM By Stu Sjouwerman

Establishing urgency through a false need to “upgrade” or lose services, this new attack takes advantage of the widespread use of the popular accounting app to attract victims.

Microsoft (Once Again) Tops the List of Most Impersonated Brands in 2023

Sep 15, 2023 10:19:58 AM By Stu Sjouwerman

Out of the over 350 brands regularly impersonated in phishing attacks, Microsoft continues to stand out because they provide attackers with one unique advantage over other brands.

Board Members' Lack of Security Awareness Puts Businesses at Risk of Cyber Attacks, Finds Savanti Report

Sep 15, 2023 10:19:45 AM By Stu Sjouwerman

A report from cybersecurity consultancy Savanti reveals that board members are facing challenges in understanding cyber risks, and this has important implications for businesses.

Can You Guess Common Phishing Themes in Southeast Asia?

Sep 13, 2023 9:07:52 AM By Stu Sjouwerman

Researchers at Cyfirma outline trends in phishing campaigns around the world, finding that Singapore is disproportionately targeted by phishing attacks.

Microsoft Teams Phishing Campaign Distributes DarkGate Malware

Sep 11, 2023 8:55:42 AM By Stu Sjouwerman

Researchers at Truesec are tracking a phishing campaign that’s distributing the DarkGate Loader malware via external Microsoft Teams messages.

Scary New IT Admin Attack Exposes Your MFA Weakness

Sep 7, 2023 8:44:27 AM By Stu Sjouwerman

Identity and authentication management provider Okta has warned of social engineering attacks that are targeting IT workers in an attempt to gain administrative privileges within ...

CISA Says to Exercise Caution For Disaster-Related Malicious Scams

Sep 6, 2023 9:45:36 AM By Stu Sjouwerman

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that scammers are exploiting the recent hurricanes that have hit the US. Criminals frequently impersonate ...

You Asked and Here It Is! KnowBe4's New Content Manager Feature is Unveiled

Sep 1, 2023 8:00:00 AM By Stu Sjouwerman

We heard you, and we're thrilled to tell you about the all-new Content Manager feature for KMSAT!

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Aug 31, 2023 12:18:44 PM By Stu Sjouwerman

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.

Security Awareness Training Blog