Monthly Archives: January 2023
New QR Code Phishing Campaign is Impersonating the Chinese Ministry of Finance
Researchers at Fortinet warn that a phishing campaign is impersonating the Chinese Ministry of Finance. The phishing emails contain a document with a QR code that leads to a credential-harvesting site.
CyberheistNews Vol 13 #04 [Heads Up] Unusual Blank-Image Phishing Attacks Impersonate DocuSign
How to Earn Your (ISC)² Certification
We are excited to have more than 130,000 individuals become (ISC)² Candidates since launching in September 2022. Many of them will go on to earn their Certified in Cybersecurity (CC) as part of our One Million Certified in Cybersecurity pledge. …
Cybercrime The World’s Third Largest Economy After the U.S. and China
Cybersecurity Ventures released a new report that showed cybercrime is going to cost the world $8 trillion USD in 2023.
LATEST CYBERTHREATS AND ADVISORIES – JANUARY 20, 2023
TikTok is fined for a privacy violation, major corporations suffer breaches and Vice Society attacks another school. Here are the latest threats and advisories for the week of January 20, 2023. Threat Advisories and Alerts U.K. School Survey Reveals Surprising …
Blank-Image Attacks Impersonate DocuSign
An unusual phishing technique has surfaced this week. Avanan, a Check Point Software company, released a blog Thursday morning detailing a new attack in which hackers hide malicious content inside a blank image within an HTML attachment in phishing emails …
The Current State of Cybersecurity Should Fear AI Tools Like ChatGPT
Malicious use of the text-based AI has already begun to be seen in the wild, and speculative ways attackers can use ChatGPT may spell temporary doom for cybersecurity solutions.
Ransomware Has SMBs Reprioritizing Their Cybersecurity Spending to Combat Attacks
New data shows that SMBs can clearly see where they have cybersecurity issues and are taking great strides to put their devoted budget to security technology and services that actually have a chance at solving the problem!
[Eye Popper] Ransomware Victims Refused To Pay Last Year
Finally some good news from the ransomware front! Despite bad actors launching a number of ransomware campaigns throughout 2022, organizations refused to submit and paid criminals an estimated $456.8 million – 40% less than the astounding total of $765 million …
How South Africa’s Largest Law Firm Was Fined R5.5m for Not Educating Customers
Africa’s largest law firm ordered to pay R5.5 million to a woman who fell victim to a hacking syndicate. When Judith Hawarden was buying a house, hackers changed the bank account number in a PDF emailed to her by ENSafrica, the …
Phishing For Industrial Control Systems
Mandiant has published a report describing phishing emails that have breached organizations in the industrial sector. Mandiant explains that the majority of phishing attacks are untargeted and opportunistic. Most attackers wait to see which organizations they can compromise, and then …
The Amazing Thing Is that DHL Phishing Campaigns STILL Work
Researchers at Armorblox warn that a phishing campaign is impersonating DHL with fake shipping invoices.
Government, Higher Ed, School Districts, and Healthcare Continue to be Victims of Ransomware Attacks
An analysis of the publicly accessible data on ransomware attacks shows that these sectors, which were primary targets of ransomware in 2021, continued to be targeted to the same degree in 2022.
Cybercriminals Mimic Victim Website to Publish Exfiltrated Data on the Public Web
In a new twist, threat actors use a typosquatted domain name to increase the chances that stolen data will be seen by the general public after the ransom goes unpaid.
Spear Phishing Campaign Targets Southeast Asia
Researchers at Group-IB are tracking a previously unknown threat actor dubbed “Dark Pink” that’s using spear phishing attacks to target government, military, and religious organizations. Most of the attacks were focused on countries in Southeast Asia, though one of them …
Real Talk with CCSPs: An Interview with Vanessa Leite, CCSP, CISSP
We often hear that cybersecurity certifications have a global reach. When we spoke with Vanessa Leite we learned how true that actually is. Vanessa holds several certifications, including vendor-specific ones, along with the CISSP and CCSP credentials from (ISC)². She …
Check Point Software: “2022 Saw A Huge Rise In Cyberattacks”
Techradar reported that cyberattacks saw a significant rise in 2022, mostly due to the increase in organizations going virtual to combat the effects of the Covid-19 pandemic, and the rise of smaller and more agile hacker and ransomware groups, new research has …
[New Feature] Continuously Monitor for Any Detected Password Vulnerabilities Within Your User Base with PasswordIQ
We’re thrilled to announce that the power of KnowBe4’s most popular free password security tool has been brought to your KnowBe4 console as a new feature!
[INFOGRAPHIC] PhishER by the Numbers
PhishER, KnowBe4’s industry-leading Security Orchestration, Automation and Response (SOAR) platform, takes an otherwise complicated and inefficient threat management workflow and allows admins to quickly reduce risk and train users.