KnowBe4

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

Equifax Reports Data Breach Possibly Impacting 143 Million U.S. Consumers

The Wall Street Journal just reported that Credit-reporting company Equifax Inc. disclosed Thursday that hackers gained access to some of its systems, compromising the personal ...
Continue Reading

These 4 Maps Will Make You Understand Russia's Aggressive Cyber Attacks

There are many kinds of maps, they can show roads or general geography, but sometimes they shed light on other dimensions like economic, political and/or military perspectives. First of ...
Continue Reading

Introducing Behavioral Information Security

Ben Tomhave posted a great article on his "The Falcon's View" blog. Loved the concept and I'm cross-posting the whole thing in it's entirety without any edits with grateful ...
Continue Reading

Criminals Use Social Engineering To Make Victims Install Malicious Chrome Extensions

  The attackers did reconnaissance on their targets, using social networks which people inside the organization were involved in making financial transactions. These victims were then ...
Continue Reading

Here Is A Cool And Useful INFOGRAPHIC About Social Engineering

Kevin Mitnick, KnowBe4's Chief Hacking Officer retweeted a link to well-executed infographic about Social Engineering, and here it is, courtesy of the team at Smartfile.com  
Continue Reading

Top White House officials fall for prankster social engineering tricks

A UK-based email prankster used social engineering tactics to fool several top White House officials into responding to his messages, including the Trump administration’s cybersecurity ...
Continue Reading

Lessons from Social Engineering Disasters to Improve Security

Michele Fincher from the excellent team at www.social-engineer.com wrote: "In my fantasy life, I’m Ruby Rose from John Wick: Chapter 2, Gina Carano from Haywire, with possibly some ...
Continue Reading

New Dark Web Site Offers Automated Social Engineering-As-A-Service

This Site Creates Robocalls to Steal People’s Credit Card PINs A June 30, 2017 post on Motherboard revealed a V1.0 of a site that does automated social engineering as a service, and has ...
Continue Reading

Windows 10 Stops Ransomware Cold? Not So Fast!

Recently, Microsoft claimed that no known ransomware could penetrate the new Win10 Creators Update. Presenting new anti-ransomware protection features added in Win 10 CU, Robert Lefferts, ...
Continue Reading

See Me On Video At The NYSE Cyber Investing Summit Pitching KnowBe4

The CyberWire wrote: Pitches: "Innovation from Young Companies The Pitch Panel was the Cyber Investing Summit's fast round of innovation pitches, moderated by Allegis's Bob Ackerman and ...
Continue Reading

New PowerPoint Social Engineering Attack Installs Malware Without Requiring Macros

Researchers at Security firm SentinelOne reported that a group of hackers is using malicious PowerPoint files to distribute 'Zusy,' a banking Trojan, also known as 'Tinba' (Tiny Banker). ...
Continue Reading

Proofpoint:"Cyber Criminals Shifting To Social Engineering."

In their new "The Human Factor Report 2017" Proofpoint wrote: "Cyber criminals relied less on automated attacks and exploits, shifting instead to social engineering." The change to social ...
Continue Reading

Inside the Tech Support Scam Ecosystem

Dennis Fisher at OnThe Wire reported on some fascinating research by three PhD candidates at Stony Brook University. He wrote: "Fake tech support schemes have been a scourge on the ...
Continue Reading

Verizon: "Most Breaches Trace to Phishing, Social Engineering"

BankInfoSecurity wrote: "Ninety percent of data breaches seen by Verizon's data breach investigation team have a phishing or social engineering component to them. Not coincidentally, one ...
Continue Reading

Phishing Attack Uses Stuxnet Technology And Makes PCs Into Roombugs

Researchers have uncovered an advanced malware-based operation that siphoned more than 600 gigabytes from about 70 targets in a broad range of industries, including news media, and ...
Continue Reading

KnowBe4 Introduces New “Social Engineering Indicators” Training Method

Today, we are introducing a new training method that IT managers can use to better manage the continually increasing social engineering threats. Social Engineering Indicators (SEI) turns ...
Continue Reading

Criminal India Call Center Uses Social Engineering To Scam 15,000 Americans

I got alerted by a Slashdot story about we have been covering here several times.  An FBI agent based in India says the country has now become a major hub for call-center fraud, blaming ...
Continue Reading

Expect Malicious Machine Learning In 2017, making social engineering more effective

Intel Security's McAfee Threat Predictions for 2017 (PDF) observes that advances in technology are essentially neutral and that developments like machine learning should be welcomed, but ...
Continue Reading

Russian Breach US Grid? Nah, Someone Fell For Social Engineering And Enabled Macros

Breathlessly, the Washington Post reports that the Russian Grizzly Steppe malware was found within the system of a Vermont power utility.  Nah, they just dodged a bullet. This time ...
Continue Reading

Disk-Killer Malware Adds Ransomware Feature And Charges $200,000+ 

Talk about adding insult to injury with this new KillDisk version. Here is how social engineering can cost you dearly.  The Sandworm cybercrime gang has upped its game. They were ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews