Monthly Archives: December 2022

Despite good intentions, layered security measures, and efficacy claims by security solution vendors, new data shows that email-based threats are still getting all the way to the Inbox.

Analysis of the year’s breaches shows Finance and Insurance businesses are the most targeted and have lost a material count of records as a result.

Check out the 36 new pieces of training content added in December, alongside the always fresh content update highlights and new features.

New data focused on cyberattacks in the second half of the year-to-date shows phishing taking the overwhelming lead as the initial attack vector of choice.

By Roger A. Grimes. KnowBe4 recommends that everyone use a password manager to create and use strong passwords as a part of their password policy https://info.knowbe4.com/wp-password-policy-should-be

Dec. 27, 2022, The Ohio Supreme Court ruled in favor of an insurance company, determining that its contract to cover any direct physical loss or damage to property did not encompass ransom payments made when a hacker illegally gained access … Read More

By Aaron Weathersby, CISSP. Aaron is the Chief Information Officer for Charles R. Drew University of Medicine and Science and holds a Doctor of Science in Cyber Security from Marymount University. He is an Information Technology professional with over 18 … Read More

QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows.

Impersonating Facebook using its own platform against them, a new phishing attack takes advantage of victim’s inability to distinguish legitimate from illegitimate.

Ransomware hits hard around the world – again, Cybercriminals steal food and Fortnite’s developer is fined millions. Here are the latest threats and advisories for the week of December 23, 2022.  Threat Advisories and Alerts  Criminal Actors Use BEC Attacks … Read More

The malicious abuse of several developer program accounts in Microsoft’s Windows Hardware Developer Program allowed threat actors to have malware evade detection.

Researchers at ESET warn that a Chinese-speaking threat actor dubbed “MirrorFace” targeted Japanese political organizations with spear phishing emails in the run-up to the Japanese House of Councillors election in July 2022.

As an apparent method of political commentary on the war in Ukraine, the new Azov wiper uses a mix of intermittent overwriting and trojanizing Windows binaries to annihilate its’ victims.

New data shows that while ransomware remains somewhat flat, massive increases in business email compromise and response-based email attacks were seen last quarter.

From fighting the ever-present ransomware threat to securing cloud infrastructures to honing identity management practices, the past year’s showcase of (ISC)² webinar topics was wide-ranging and thought-provoking. A cursory look at the topics we tackled throughout 2022 provides a reflection of … Read More

A well-trained Knowster posted: “I lost my dog this weekend and my mother in law was trying to be helpful and put my real phone number on a few social media posts she made. Now im getting these kinds of … Read More

We are thrilled to announce that KnowBe4 has been named a leader in the latest G2 Grid Report that compares Security Awareness Training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence.

We are excited to announce that KnowBe4 has been named a leader in the Winter 2023 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for the seventh consecutive quarter!

Dear (ISC)² Members, Associates and Candidates:  I hope this message finds you well. As 2022 comes to an end, I am grateful for the opportunity to reflect on the past year and all we have achieved together.   Launching an entry-level certification … Read More