State-Sponsored Russian Phishing Campaigns Target a Variety of Industries

Mar 19, 2024 1:18:02 PM By Stu Sjouwerman

Researchers at IBM X-Force are monitoring several ongoing phishing campaigns by the Russian state-sponsored threat actor ITG05 (also known as “APT28” or “Fancy Bear”). APT28 has been tied ...

Phishing-as-a-Service Platforms LabHost and Frappo Help Threat Actors Target Canadian Banks

Mar 19, 2024 9:41:29 AM By Stu Sjouwerman

Analysis of attacks on banking institutions in Canada can be almost perfectly tied to the use and availability of phishing-as-a-service platforms, indicating increased use by threat ...

CISA: Healthcare Organizations Should Be Wary of Increased Ransomware Attacks by ALPHV Blackcat

Mar 18, 2024 10:14:00 AM By Stu Sjouwerman

A joint cybersecurity advisory published last week discusses ransomware attack impacts on healthcare, along with ALPHV’s attack techniques, indicators of compromise (IoCs) and proper ...

Sophos: Over 75% of Cyber Incidents Target Small Businesses

Mar 15, 2024 10:31:48 AM By Stu Sjouwerman

New analysis of incident data shows threat actors are evolving their attack techniques to take advantage of budget and resource-strapped small businesses.

Organizations Are Vulnerable to Image-based and QR Code Phishing

Mar 14, 2024 10:23:31 AM By Stu Sjouwerman

A majority of organizations have a false sense of security regarding their resistance to phishing attacks, according to a new report from researchers at IRONSCALES and Osterman Research.

Despite Feeling Prepared for Image-Based Attacks, Most Organizations Have Been Compromised by Them

Mar 14, 2024 10:20:00 AM By Stu Sjouwerman

With QR-code phishing attacks on the rise, new data sheds light on just how unprepared organizations actually are in stopping and detecting these device-shifting attacks.

New Research: BEC Attacks Rose 246% in 2023

Mar 14, 2024 10:18:23 AM By Stu Sjouwerman

Business email compromise (BEC) attacks surged by 246% last year, according to researchers at ReliaQuest.The researchers believe the increase is due to widely available phishing kits that ...

Compromised Credentials Postings on the Dark Web Increase 20% in Just One Year

Mar 13, 2024 9:31:15 AM By Stu Sjouwerman

Data trends show a clear upward momentum of posts from initial access brokers on the dark web, putting the spotlight on what may become cybersecurity’s greatest challenge.

AI-Driven Voice Cloning Tech Used in Vishing Campaigns

Mar 13, 2024 9:30:10 AM By Stu Sjouwerman

Scammers are using AI technology to assist in voice phishing (vishing) campaigns, the Better Business Bureau (BBB) warns. Generative AI tools can now be used to create convincing ...

Dodging Digital Deception: How to Spot Fake Recruiters and Shield Your Career Search from Phishing Scams

Mar 12, 2024 9:28:58 AM By Stu Sjouwerman

Scammers are impersonating job-seeking platform Dice with phony employment opportunities designed to steal victims’ information.

Generative AI Results In 1760% Increase in BEC Attacks

Mar 12, 2024 9:24:38 AM By Stu Sjouwerman

As cybercriminals leverage tools like generative AI, making attacks easier to execute and with a higher degree of success, phishing attacks continues to increase in frequency.

AI and Ransomware Top the List of Mid-Market IT Cyber Threats

Mar 7, 2024 3:22:08 PM By Stu Sjouwerman

A recent report reveals a significant discrepancy in the priorities of mid-market IT departments when it comes to addressing cyber threats. It's somewhat ironic that IT professionals find ...

European Diplomats Targeted With Phony Invitations to a Wine-Tasting Party

Mar 7, 2024 3:21:56 PM By Stu Sjouwerman

Researchers at Zscaler observed a cyberespionage campaign that targeted European diplomats with malicious PDFs disguised as invitations to a wine-tasting party hosted by the Ambassador of ...

[On-Demand] Customer Spotlight: MESA’s Strategy for Building Strong Security Culture and Email Defense

Mar 7, 2024 8:55:00 AM By Stu Sjouwerman

In a world where digital threats grow more sophisticated by the day, gaining firsthand knowledge from those who have successfully bolstered their organization's defenses is invaluable.

New Research: Spike In DNS Queries Driving Phishing and Cyber Attacks

Mar 6, 2024 2:24:15 PM By Stu Sjouwerman

New analysis of DNS queries shows material growth in phishing, malware and botnets and offers insight into how many threats the average person experiences.

Chicago Man Sentenced to Eight Years in Prison for Phishing Scheme

Mar 6, 2024 2:24:11 PM By Stu Sjouwerman

A 30-year-old man from Chicago, Joseph Alexander Valdez, has been sentenced to eight years in prison for conducting a Snapchat phishing scheme that victimized more than 700 women, CBS ...

Microsoft and OpenAI Team Up to Block Threat Actor Access to AI

Mar 5, 2024 9:46:52 AM By Stu Sjouwerman

Analysis of emerging threats in the age of AI provides insight into exactly how cybercriminals are leveraging AI to advance their efforts.

Planning with Purpose: 10 Tips to Develop Your Year-Long Security and Compliance Training Program

Mar 1, 2024 12:52:49 PM By John Just

Our team at KnowBe4 recently got together to talk about planning for annual security and compliance training.

Cybercriminals Sent 1.76 Billion Social Media Phishing Emails in 2023

Mar 1, 2024 12:52:46 PM By Stu Sjouwerman

As social media phishing reaches new heights, new data reviewing 2023 shows a massive effort by cybercriminals to leverage impersonation of social media brands.

Email-Based Cyber Attacks Increase 222% as Phishing Dominates as the Top Vector

Mar 1, 2024 12:52:43 PM By Stu Sjouwerman

Analysis of the second half of 2023 shows attackers are getting more aggressive with email-based phishing attacks in both frequency and execution.

Security Awareness Training Blog

View Topics