Blackhat 2015 Survey: End-User Wins Easily As IT's Big Worry

Jul 17, 2015 3:50:00 PM By Stu Sjouwerman

According to the 2015 Black Hat Attendee Survey, nearly three quarters (73 percent) of top security professionals think it likely that their organizations will be hit with a major data ...

Spear Phishing Attack Results In $5.3 Million Bitcoin Cyberheist

Jul 9, 2015 2:20:00 PM By Stu Sjouwerman

"Newly leaked, confidential documents have revealed details into a cyberattack aimed at Bitstamp, a company that fundamentally deals as a cryptocurrency trader, according to a report in ...

What KnowBe4 Customers Say About Us July 3, 105

Jul 3, 2015 1:09:38 PM By Stu Sjouwerman

Hi Stu, "We're happy with the product. Getting good feedback from users who've gone through the programme and my management is highly impressed with the quality of the information given. ...

Scam Of The Week: Payment By Facebook Friend

Jul 2, 2015 5:37:00 PM By Stu Sjouwerman

As of last Tuesday, Facebook has switched on person-to-person (P2P) payments for users in the US to "instant-message" money to their friends, using the debit cards connected to their bank ...

Confidence In Antivirus Falls To All-time Low

Jul 2, 2015 11:17:00 AM By Stu Sjouwerman

Bromium is a company with a new antivirus mousetrap, so it will try to make old mousetraps look, well... old. However, they do point out correctly that traditional antivirus is starting ...

The Seven Deadly Social Engineering Vices Updated

Jun 17, 2015 12:09:00 PM By Stu Sjouwerman

You may not be aware that there is a scale of seven deadly vices connected to social engineering (SE). The deadliest SE attacks are the ones that have the highest success rates, often ...

Gone phishing: How I taught my users to stop clicking everything

Jun 13, 2015 11:24:03 AM By Stu Sjouwerman

Familiar with SpiceWorks? It's the world's largest IT Admin community. One user wrote the 392nd entry in their Spotlight on IT. This is the story. There is a link at the end to the ...

The Truth About The Massive OPMgate Hacking Scandal

Jun 13, 2015 9:17:00 AM By Stu Sjouwerman

The recent U.S. Government Office of Personnel Management hack is getting worse by the day. In Saturday's Wall Street Journal they revealed that apart from more than 4 million personal ...

Some Interesting Security Awareness Computer-Based Training Numbers

May 30, 2015 9:37:00 AM By Stu Sjouwerman

You may know Gartner, the 800-pound gorilla in the IT Analyst space. When a market is mature enough they create their so-called Magic Quadrant (MQ) with the leading vendors in that ...

Will Your Contractors Take Down Your Business?

May 26, 2015 11:07:22 AM By Stu Sjouwerman

Will Your Contractors Take Down Your Business? Do you know how well your vendors, business associates, contracted third parties (who I will collectively call “contractors”) are protecting ...

Starbucks Hack: A Great Example Why You Should Not Reuse Passwords

May 17, 2015 11:58:00 AM By Stu Sjouwerman

Use this story and send it to your employees as a cautionary tale to make it real to them they should not reuse passwords in general, but especially not for any online payment accounts! ...

Get Real About User Security Training

May 12, 2015 10:13:00 AM By Stu Sjouwerman

Do you despair that users will never learn to avoid stupid security mistakes that compromise your organization? Maybe you're not spending enough time and effort on training. Roger Grimes ...

Phishing in the C-Suite: 96% of Executives Vulnerable to Attacks

May 11, 2015 9:50:36 AM By Stu Sjouwerman

According to a recent survey, 96% of executives failed to tell the difference between a real email and a phishing email 100% of the time.

What our customers are saying about our security awareness training

May 7, 2015 10:49:00 AM By Stu Sjouwerman

One of our customers sent us this today: "I wanted to give you an update on our security awareness training. When we did the baseline phishing campaign for 85 employees and we had a click ...

10 Lessons Learned From Painful Ryanair $5M Cyberheist

May 1, 2015 5:44:00 PM By Stu Sjouwerman

Low-cost airline Ryanair shamefacedly came clean last week that they fell victim to a cyberheist which stole almost 5 million dollars out of its fuel bank account. The money was siphoned ...

Social Engineering Exploit Fools HR with Infected IT Resumes

May 1, 2015 1:58:17 PM By Stu Sjouwerman

Proofpoint threat researchers recently detected a clever email-based attack that combines phishing and social engineering techniques in order to trick users into opening a malicious ...

Tesla Attack Caused By Social Engineering

Apr 29, 2015 10:28:23 AM By Stu Sjouwerman

A few days ago, you may have read the news that Tesla Motors had their website and Twitter accounts hijacked by pranksters. OpenDNS has a blog post that goes into great technical detail.

Ransomware Mafia Now Uses Bitcoin As Obfuscation Layer

Apr 26, 2015 1:09:00 PM By Stu Sjouwerman

Bitcoin is a very speculative currency, still relatively easy to manipulate compared to the major currencies, and subject to massive increases and drops in value. Currently the falling ...

How Criminals Exploit Gaps In Your Security Awareness Training

Apr 26, 2015 12:29:00 PM By Stu Sjouwerman

I was at RSA in San Francisco last week. Great show, with ~30,000 attendees and packed exhibit halls at the Moscone Center. We invited KnowBe4 customers who were attending RSA for a ...

The 5 Security Awareness Training Generations [CARTOON]

Apr 19, 2015 1:41:00 PM By Stu Sjouwerman

Today, your employees are frequently exposed to advanced phishing and ransomware attacks. Your users are the weak link in your IT security. There are 5 ways (generations) to train ...

Security Awareness Training Blog