Reducing human risk in cybersecurity requires a human-first approach that relies on effective training and practice for people to gain security knowledge, practice secure behavior, and ...
Researchers at Trellix warn of a spear-phishing campaign that’s targeting CFOs around the world with phony employment offers.
A criminal threat actor tracked as “UNC6040” is using voice phishing (vishing) attacks to compromise organizations’ Salesforce instances, according to researchers at Google’s Threat ...
Human risk remains one of the most underestimated threats in cybersecurity. Even with major advancements in defensive technology, human error still accounts for the majority of data ...
A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish).
The FBI is warning that the Silent Ransom Group (SRG) is targeting law firms with IT-themed social engineering attacks and callback phishing emails.
Researchers at Certo warn that a new AI chatbot called “Venice[.]ai” can allow cybercriminals to easily generate phishing messages or malware code.
Researchers at IBM Security warn that a major phishing campaign is targeting users in France, incorporating leaked personal data to make the emails more convincing.
The FBI is warning that threat actors are impersonating senior US officials in phishing attacks designed to compromise users’ accounts.
I was once enrolled in a programming module back at university. We had been given a task, to code something, so we all sat banging out whatever code we could on our keyboards.
Since March 2025, the KnowBe4 Threat Labs team has observed a surge in phishing attacks that exploit Google’s AppSheet platform to launch a highly targeted, sophisticated campaign ...
Many organizations, after a period of relative quiet, might believe the ransomware bubble has burst. The headlines may have shifted, and other emerging cyber threats might seem to ...
I got this Coinbase-related scam in my personal inbox last week.
Commodity phishing kits are increasingly serving dynamically generated phishing pages, according to researchers at ESET.
Agentic AI-enabled ransomware is not here yet, but likely will be very soon. I am talking this year or by 2026.
Business email compromise (BEC) attacks and funds transfer fraud (FTF) accounted for 60% of cyber insurance claims in 2024, according to a new report from Coalition.
When it comes to artificial intelligence (AI) and human risk management (HRM), not all AI is created equal.
Mandiant warns that the Scattered Spider cybercriminal group is using “brazen” social engineering attacks to target large enterprise organizations in a wide range of sectors.
Cybersecurity professionals face an increasingly aggressive phishing threat landscape, and the 2025 KnowBe4 Phishing By Industry Benchmarking Report makes one thing crystal clear: ...
Just because you’re using a passkey doesn’t mean your password is gone.
