Half of all Financial Services Cyber Attacks Start with a Very Costly Phish

Sep 23, 2024 3:18:45 PM By Stu Sjouwerman

New analysis of attacks on the financial sector shows that the combination of phishing emails and compromised credentials is a recurring — and financially impactful — threat.

Zscaler: There are 200 Malicious Lookalike Domains for Every 1 Impersonated Brand

Sep 23, 2024 9:40:17 AM By Stu Sjouwerman

Analysis of typosquatting and brand impersonation activity across 500 of the most visited domains provides insight in to how these techniques come together to effectively deceive.

Online Scams Are Shortening Their Cycles and Making More Money

Sep 20, 2024 10:27:19 AM By Stu Sjouwerman

New analysis of blockchain activity shows scammers are needing less time to obtain crypto payments and are seeing higher payoffs per scam.

Phishing Attacks Abuse Content Creation and Collaboration Platforms

Sep 20, 2024 10:27:16 AM By Stu Sjouwerman

Researchers at Barracuda have observed an increase in phishing attacks that abuse popular content creation and collaboration platforms. These include online graphic design platforms and ...

U.S. Government Indicts Chinese National For Alleged Spear Phishing Attacks

Sep 18, 2024 1:40:36 PM By Stu Sjouwerman

The U.S. Justice Department has indicted a Chinese national, Song Wu, for allegedly sending spear phishing emails to employees at various U.S. military and government entities, research ...

A Must See for KnowBe4 Customers and Partners: Geoff White to Keynote KB4-CON EMEA 2024

Sep 18, 2024 8:48:41 AM By Stu Sjouwerman

As a valued KnowBe4 customer and partner, we're thrilled to bring you exciting news about our upcoming KB4-CON EMEA 2024 in London.

North Korean Hackers Target Software Developers With Phony Coding Tests

Sep 18, 2024 7:59:35 AM By Stu Sjouwerman

Researchers at ReversingLabs warn that North Korea’s Lazarus Group is targeting software developers with phony job interviews.

SANS Releases Guide to Address Rise in Attacks on Manufacturing and Industrial Control Systems

Sep 18, 2024 7:59:23 AM By Stu Sjouwerman

Increased ransomware attacks on industrial control systems (ICS), mixed with general ICS insecurity found across the manufacturing sector, has given rise to a guide specifically ...

New Ransomware Threat Group, RansomHub, is so Effective, the NSA is Already Warning You About Them

Sep 16, 2024 3:43:10 PM By Stu Sjouwerman

The latest evolution of the ransomware service model, RansomHub, has only been around since February of this year, but its affiliates are already successfully exfiltrating data.

BEC Scams Have Caused $55 Billion in Losses Over the Past Ten Years

Sep 16, 2024 3:43:07 PM By Stu Sjouwerman

Business email compromise (BEC) attacks have caused more than $55 billion in losses between 2013 and 2023, according to an advisory from the U.S. Federal Bureau of Investigation (FBI).

Authorized Push Payment Fraud Responsible for Over Half of U.K. Frauds and Scams

Sep 16, 2024 8:42:18 AM By Stu Sjouwerman

Research from The Financial Ombudsman Service, a U.K. based organization dedicated to helping citizens with free financial advice, has found an increase in Authorized Pushed Payment (APP) ...

Attackers Using HTTP Response Headers to Redirect Victims to Phishing Pages

Sep 13, 2024 9:16:55 AM By Stu Sjouwerman

Researchers at Palo Alto Networks’ Unit 42 warn that attackers are using refresh entries in HTTP response headers to automatically redirect users to phishing pages without user ...

Your Lawyers Are Increasingly Targeted by Phishing Attacks, Ransomware

Sep 11, 2024 3:02:21 PM By Stu Sjouwerman

Researchers at Bitdefender warn that law firms are high-value targets for ransomware gangs and other criminal threat actors. Attackers frequently use phishing to gain initial access to an ...

Forget the Talent Gap – It’s an Experience Gap

Sep 11, 2024 9:13:58 AM By Anna Collard

South Africa’s cybersecurity workforce shortage mirrors global trends, but also faces local factors like underinvestment in basic education, underserved communities, digital literacy gaps ...

Losses From Investment Scams have Increased Six-Fold Since 2021

Sep 11, 2024 9:13:49 AM By Stu Sjouwerman

The Better Business Bureau (BBB) has observed a six-fold increase in losses from investment scams over the past three years. The BBB has received more than 4,000 reports of investment ...

Election-Themed Scams Are on the Rise

Sep 9, 2024 4:45:49 PM By Stu Sjouwerman

Researchers at Malwarebytes warn of a surge in election-themed scams ahead of November’s presidential election in the US. These attacks can be expected to increase as the election grows ...

Use of Malicious Links Surges by 133% in Q1, Setting the Tone for the First Half of 2024

Sep 9, 2024 4:45:46 PM By Stu Sjouwerman

Threat actors are opting for malicious links over attachments in email-based attacks because it gives them a critical advantage that many solutions can’t address.

Manufacturing Sector Is the Latest Target of Advanced Credential Harvesting Attacks

Sep 5, 2024 11:22:13 AM By Stu Sjouwerman

A new attack runs slow and steady, focused on compromising large manufacturing companies using contextual social engineering to trick victims into giving up credentials.

Phishing is Still the Top Initial Access Vector

Sep 5, 2024 11:21:58 AM By Stu Sjouwerman

Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by ...

Threat Actors Increasingly Exploit Deepfakes for Social Engineering

Sep 4, 2024 11:10:59 AM By Stu Sjouwerman

The availability of deepfake technology has given threat actors a valuable tool for social engineering attacks, according to researchers at BlackBerry.

Security Awareness Training Blog

View Topics