Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

CISA: Healthcare Organizations Should Be Wary of Increased Ransomware Attacks by ALPHV Blackcat

A joint cybersecurity advisory published last week discusses ransomware attack impacts on healthcare, along with ALPHV’s attack techniques, indicators of compromise (IoCs) and proper ...
Continue Reading

If Social Engineering Accounts for up to 90% of Attacks, Why Is It Ignored?

Social engineering and phishing are involved in 70% to 90% of all successful cybersecurity attacks. No other initial root hacking cause comes close.
Continue Reading

Sophos: Over 75% of Cyber Incidents Target Small Businesses

New analysis of incident data shows threat actors are evolving their attack techniques to take advantage of budget and resource-strapped small businesses.
Continue Reading

Organizations Are Vulnerable to Image-based and QR Code Phishing

A majority of organizations have a false sense of security regarding their resistance to phishing attacks, according to a new report from researchers at IRONSCALES and Osterman Research.
Continue Reading

Despite Feeling Prepared for Image-Based Attacks, Most Organizations Have Been Compromised by Them

With QR-code phishing attacks on the rise, new data sheds light on just how unprepared organizations actually are in stopping and detecting these device-shifting attacks.
Continue Reading

New Research: BEC Attacks Rose 246% in 2023

Business email compromise (BEC) attacks surged by 246% last year, according to researchers at ReliaQuest.The researchers believe the increase is due to widely available phishing kits that ...
Continue Reading

Compromised Credentials Postings on the Dark Web Increase 20% in Just One Year

Data trends show a clear upward momentum of posts from initial access brokers on the dark web, putting the spotlight on what may become cybersecurity’s greatest challenge.
Continue Reading

AI-Driven Voice Cloning Tech Used in Vishing Campaigns

Scammers are using AI technology to assist in voice phishing (vishing) campaigns, the Better Business Bureau (BBB) warns. Generative AI tools can now be used to create convincing ...
Continue Reading

[Security Masterminds] The Art of Defending Against Social Engineering in the Age of AI: Insights from Rachel Tobac

Social engineering attacks can seem unpredictable and challenging to defend against. However, with the right approach, organizations can better protect themselves.
Continue Reading

I am announcing AIDA: Artificial Intelligence Defense Agents!

AI is evolving at breakneck speed. Elon Musk recently said: "I've never seen any technology advance faster than AI compute. We are on the edge of the biggest technology revolution ever. ...
Continue Reading

Dodging Digital Deception: How to Spot Fake Recruiters and Shield Your Career Search from Phishing Scams

Scammers are impersonating job-seeking platform Dice with phony employment opportunities designed to steal victims’ information.
Continue Reading

How Much Will AI Help Cybercriminals?

Do not forget, AI-enabled technologies, like KnowBe4’s Artificial Intelligence Defense Agents (AIDA), will make defenses increasingly better.
Continue Reading

Generative AI Results In 1760% Increase in BEC Attacks

As cybercriminals leverage tools like generative AI, making attacks easier to execute and with a higher degree of success, phishing attacks continues to increase in frequency.
Continue Reading

The European Union's Unified Approach to Cybersecurity: The Cyber Solidarity Act

The construction of a more cyber resilient European Union (EU) took a remarkable step forward this past week as negotiators from the European Parliament and the European Council reached a ...
Continue Reading

FBI's 2023 Internet Crime Report Highlights Alarming Trends on Ransomware

The specter of cybercrime continues to grow, with losses soaring to $12.5 billion in 2023, according to the recently released Internet Crime Report by the FBI's Internet Crime Complaint ...
Continue Reading

Three Essential Truths Every CISO Should Know To Guide Their Career

According to my research, it became clear that if CISO's focused on these three items, it would take care of 99% of the vulnerabilities.
Continue Reading

AI and Ransomware Top the List of Mid-Market IT Cyber Threats

A recent report reveals a significant discrepancy in the priorities of mid-market IT departments when it comes to addressing cyber threats. It's somewhat ironic that IT professionals find ...
Continue Reading

European Diplomats Targeted With Phony Invitations to a Wine-Tasting Party

Researchers at Zscaler observed a cyberespionage campaign that targeted European diplomats with malicious PDFs disguised as invitations to a wine-tasting party hosted by the Ambassador of ...
Continue Reading

Customer Spotlight: MESA’s Strategy for Building Strong Security Culture and Email Defense

In a world where digital threats grow more sophisticated by the day, gaining firsthand knowledge from those who have successfully bolstered their organization's defenses is invaluable.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews