New Research: Phishing Remains the Most Popular Technique for Bad Actors

Oct 12, 2023 12:11:26 PM By Stu Sjouwerman

A report from Trustwave notes that phishing remains one of the most popular and effective techniques for attackers to gain access to organizations.

Harvested Credentials Are Put Up for Sale Monthly on the Dark Web at a Rate of 10,000 a Month

Oct 12, 2023 8:01:59 AM By Stu Sjouwerman

Credential harvesting has become a business in and of itself within the cybercrime economy. New insight from Microsoft details the types of attacks your organization should watch out for.

Business Email Compromise Attempts Skyrocket in the Last Year

Oct 12, 2023 8:01:44 AM By Stu Sjouwerman

Threat actors launched 156,000 business email compromise (BEC) attempts per day between April 2022 and April 2023, according to Microsoft’s latest Digital Defense Report. While most of ...

[INFOGRAPHIC] KnowBe4’s SecurityCoach: Top 10 Integrations

Oct 12, 2023 8:00:00 AM By Stu Sjouwerman

Real-time security coaching helps improve your organization’s security culture by enabling real-time coaching of your users in response to risky security behaviors.

Smishing Triad Threat Actor Sets Its Sights on the UAE

Oct 10, 2023 4:05:50 PM By Stu Sjouwerman

Resecurity warns that the Smishing Triad threat actor has “vastly expanded its attack footprint” in the United Arab Emirates (UAE).

Ransomware Attack Dwell Time Drops by 77% to Under 24 Hours

Oct 9, 2023 8:17:46 AM By Stu Sjouwerman

As attackers evolve their toolsets and processes, the significant drop in dwell time signifies a much higher risk to organizations that now have less time to detect and respond to initial ...

One Out of Five Organizations Must Improve Their Security Posture to be Eligible for Cyber Insurance

Oct 9, 2023 8:16:12 AM By Stu Sjouwerman

As insurers become more educated on what a “secure organization” looks like, they are tightening their requirements that puts the onus on organizations to be more secure.

Energy Sector Experiences Three Times More Operational Technology Cybersecurity Incidents Than Any Other Industry

Oct 9, 2023 8:14:04 AM By Stu Sjouwerman

While industries like financial services and healthcare tend to dominate in IT attacks, the tables are turned when looking at Operational Technology (OT) cyber attacks – and the energy ...

Senior Executives Beware: The Rise of EvilProxy Phishing Campaigns

Oct 5, 2023 8:20:01 AM By Stu Sjouwerman

Menlo Security warns that a social engineering campaign is using the EvilProxy phishing kit to target senior executives across a range of industries, including banking and financial ...

Generative AI and the Automation of Social Engineering Increasingly Used By Threat Actors

Oct 3, 2023 10:43:44 AM By Stu Sjouwerman

Threat actors continue to use generative AI tools to craft convincing social engineering attacks, according to Glory Kaburu at Cryptopolitan.

New SMS Phishing Campaign Impersonating The US Postal Service

Oct 2, 2023 10:45:00 AM By Stu Sjouwerman

DomainTools is tracking an increase in SMS phishing (or “smishing”) campaigns impersonating the US Postal Service (USPS). The text messages inform recipients that there’s a problem with ...

Security Awareness Is Dead. Long Live Security Awareness

Sep 29, 2023 4:47:31 PM By Martin Kraemer

Our actions determine outcomes, not our thoughts, our knowledge, or our intentions.

Ransomware Now Considered a “Crisis” in the Financial Services Sector

Sep 28, 2023 4:20:16 PM By Stu Sjouwerman

A recent panel discussion of banking CISOs and experts at the SIBOS conference focused on the current state of ransomware and what institutions should do to protect themselves.

It’s Official – Generative AI Has Made Phishing Emails Foolproof

Sep 28, 2023 4:20:04 PM By Stu Sjouwerman

The most basic use of tools like ChatGPT to script out professional-looking emails has all but eliminated improperly written content as an indicator of a potential phishing scam.

Pharma Industry Seeing Reduction in Data Breach Costs, But Still Have Much to Do

Sep 28, 2023 4:19:36 PM By Stu Sjouwerman

Insights from IBM’s Cost of a Data Breach Report on the Pharmaceutical Industry shows that while the overall cost has improved, there are clear areas of risk that need to be addressed.

Facebook Messenger Becomes the Delivery Mechanism for Infostealer Malware Attack

Sep 28, 2023 4:19:23 PM By Stu Sjouwerman

Millions of business accounts on Facebook are the target of a new malware attack, which is seeing a success rate of 1 out of 70, causing concern for the security of corporate credentials.

Cyber Insurance Claims Increased by 12% in First Half of 2023, Attacks More Frequent and Severe Than Ever

Sep 28, 2023 12:55:44 PM By Stu Sjouwerman

The latest cyber claims report from Coalition, a digital risk insurance provider, finds a 12% increase in cyber insurance claims in the first half of 2023 over the second half of 2022, ...

[LIVE DEMO] Are Your Users Making Risky Security Mistakes? Deliver Real-Time Coaching in Response to Risky User Behavior with SecurityCoach

Sep 28, 2023 8:15:00 AM By Stu Sjouwerman

Do you need an easy, automated way to provide real-time feedback the moment your users make risky mistakes to help reinforce the training campaigns you manage today?

Why BJ Fogg and Daniel Kahneman Are Big Security Pro Must-Knows

Sep 27, 2023 8:47:40 AM By Stu Sjouwerman

You're no stranger to the complexities of safeguarding your organization's digital assets. But have you considered the human element in your security equation? Behavioral economics, ...

New Wave of Hospitality Phishing Attacks: Compromise User Credentials, Then Go Phish

Sep 25, 2023 9:54:21 AM By Stu Sjouwerman

The hospitality sector is seeing a new wave of phishing attacks. These new attacks are more plausible because they begin with compromised credentials and move to fraudulent emails sent ...

Security Awareness Training Blog

View Topics