Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

KnowBe4 Content Updates and New Resources - December 2019

We've got a few important updates to share with you for the month of November!
Continue Reading

[Heads Up] Iran Has Launched Evil New Malware That Wipes Your Windows Workstations

Zak Doffman posted: "Iran’s state-sponsored hackers have deployed a new strain of malicious malware, warns IBM, which has been aimed at the “industrial and energy sectors” in the Middle ...
Continue Reading

You Have Not Suffered A Data Breach But How Do You Prevent Credential-Stuffing Attacks?

Frequent data breaches and the widespread availability of automated tools to take advantage of the compromised information have greatly increased the efficiency of credential stuffing ...
Continue Reading

Europol Finds Majority of Attack Groups Rely on Spear Phishing as Primary Infection Vector

A new report from Europol’s European Cybercrime Center (EC3) breaks down how targeted phishing attacks are being done, and how to avoid becoming a victim.
Continue Reading

Gift Card Scams are Decreasing in Light of Other Business Email Compromise Scams

New data from email security vendor Agari shows Business Email Compromise (BEC) attacks shifting tactics last quarter, in favor of scams resulting in larger payouts.
Continue Reading

Identity Deception-Based Phishing Attacks Show an Increase in Impersonating Individuals

The use of impersonating a person or brand as part of an attack in on the rise, giving attackers the upper hand, establishing instant credibility and lowering the defenses of the ...
Continue Reading

Phishing for Gamers Uses A Fake Skin Giveaway

BleepingComputer warns that a fake Steam skin giveaway site is stealing users’ Steam credentials. The site appears to be running a 26-day promotion giving away free skins for ...
Continue Reading

Insecure Database Exposes Millions of Private SMS Messages

Researchers discovered an unprotected TrueDialog database hosted by Microsoft Azure with diverse and business-related data from tens of millions of users.
Continue Reading

Netflix "Account Freeze" Phishing Campaign In The Wild

A Netflix phishing scam is going after users’ payment information and Netflix credentials, according to Naked Security. The phishing emails inform recipients that they’ve missed a payment ...
Continue Reading

Pervasive Ransomware Infection Cost German Software Company Pilz Tens Of Millions Of Euros

A pervasive ransomware infection cost the German automation company Pilz an estimated tens of millions of euros, says Jan Tournois, director of the Dutch department of the multinational.
Continue Reading

You Can’t Always Trust a Dot-Gov Domain

It may be easier than one thinks to register a dot-gov domain, according to KrebsOnSecurity. People have tended to regard urls with the top-level domain dot gov as generally reliable, but ...
Continue Reading

Business Email Compromise Topples Over $26 Billion in Losses

This lucrative business of tricking companies into fraudulently transferring funds into cybercriminal-owned bank accounts is showing signs of growing. Scammers use many forms of attack to ...
Continue Reading

Global Utilities See Cyberattacks as Greater Threat to Operations than IT with Half Experiencing Outages

Global industrial organizations are seeing and feeling the effects of cyberattacks, recognizing the material impact potential upon operations.
Continue Reading

Over Half of SMBs Experience Phishing and Social Engineering Attacks

The assertion that SMBs aren’t a cyber-target is officially dead. SMBs are victims of the very same attacks as enterprises in growing numbers, according to new research.
Continue Reading

Insurers Get Serious About Social Engineering Attacks Citing a Lack of Awareness as the Problem

With specific endorsements to protect against social engineering scams, insurers are realizing where the true risk lies in cyberattacks and make recommendations of how to mitigate it.
Continue Reading

Join Us for a Live Demo on Simulated Phishing and Awareness Training

See Ridiculously Easy Security Awareness Training and Phishing in Action!
Continue Reading

Merchant fined for failing to train employees — Former NYDFS Superintendent Vullo Talks About Cybersecurity Regs

Mark Harrop, Director of Communications, Corporates at Thomson Reuters made me aware of a very interesting interview with Maria Vullo, the former Superintendent of New York’s Department ...
Continue Reading

‘Professional’ ransomware gang targets 1,800 large organizations worldwide, Dutch investigators find

Filip Truta at Bitdefender blogged: "A confidential report from the Netherlands’ National Cyber ​​Security Center warns that ransomware operators are targeting at least 1,800 large ...
Continue Reading

Phishing scams on the up in the Netherlands

Mina Solanki, an expat in Holland wrote: "After years of declining, phishing is on the up. In 2018, the (monetary) damage caused by it had almost quadrupled compared to previous years. ...
Continue Reading

Singapore government must realise human error also a security breach

Eileen Yu, for By The Way at ZDNet wrote: "A recent data breach has highlighted a need for the Singapore government to realise human errors are cybersecurity risks that need to be ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews