Monthly Archives: September 2023
New Wave of Hospitality Phishing Attacks: Compromise User Credentials, Then Go Phish
The hospitality sector is seeing a new wave of phishing attacks. These new attacks are more plausible because they begin with compromised credentials and move to fraudulent emails sent from within a trusted network. The compromised systems are legitimate booking …
[NEW RELEASE]: Unleash the Power of Cybersecurity Education with KnowBe4’s ‘Hack-A-Cat’ on Roblox
What do cheese, fish and cybersecurity training have in common? Each of these comes together to help keep kids informed about cyber threats and cybersecurity best practices with KnowBe4’s first ever entry into the Roblox gaming platform: Hack-A-Cat!
MFA Defenses Fall Victim to New Phishing-As-A-Service Offerings
ZeroFox warns that phishing-as-a-service (PhaaS) offerings are increasingly including features to bypass multi-factor authentication.
Tools From Cybercrime Software Vendor W3LL Found to be Behind the Compromise of 56K Microsoft 365 Accounts
A new report uncovers the scope and sophistication found in just one cybercrime vendor’s business that has aided credential harvesting and impersonation attacks for the last 6 years.
Cybercriminals Use Google Looker Studio to Host Crypto Scam to Steal Money and Credentials
Security researchers at Check Point have discovered yet another attack that leverages legitimate web applications to host attacks in order to bypass security scanners.
[YIKES] AI Now Enables Subliminal Image “Inception”
Seen Christopher Nolan’s movie Inception? If you haven’t, it’s about a thief who is given the task of planting an idea into the mind of a CEO. The technology of implanting ideas is nothing new. Communist regimes were the very …
Chinese Spies Infected Dozens of Networks With Thumb Drive Malware
WIRED just published an article that made me both disappointed and surprised at the same time. Security researchers found USB-based Sogu espionage malware spreading within African operations of European and US firms.
New SEC Rules Add Challenges in Uncertain Cyber Insurance Market
[BUDGET AMMO] Jeremy King is a partner at Olshan Frome Wolosky. He wrote an article for Bloomberg where he analyzed cyber risk management issues that companies should prioritize in response to new SEC reporting requirements for cybersecurity incidents and threats.
Vanishing Act: The Secret Weapon Cybercriminals Use in Your Inbox
Researchers at Barracuda describe how attackers use legitimate email inbox rules to control compromised accounts and evade detection.
Tighter Policies Mixed with Higher Costs Are Creating a Cyber Insurance Gap
New data on the state of cyber insurance shows that it’s becoming more difficult to get a policy, and the organizations obtaining one share that circumstances could cause denial of claims.
USPS Customers Become the Latest Target of the Chinese Smishing Group Called “Smishing Triad”
A new SMS-based phishing attack uses a smishing kit-as-a-service to impersonate the U.S. Postal Service.
Scam-as-a-Service Classiscam Expands Impersonation in Attacks to Include Over 250 Brands
Now entering its third year in business, the phishing platform Classiscam represents the highest evolution of an “as a service” cybercrime, aiding more than 1000 attack groups worldwide.
TikTok Impersonations of Elon Musk Scam Victims of Their Bitcoin
There’s been a surge of Elon Musk-themed cryptocurrency scams on TikTok, BleepingComputer reports. The scammers inform the victims that they can claim their reward after spending a small amount of bitcoin (about $132) to activate their account.
Data Breach Costs Rise, But Cybersecurity Pros Still Take Risks
The latest data from IBM shows that the average cost of a data breach has gone up by 2% to a whopping $4.45 million. You would think that in the cybersecurity industry, people would be all about safety and security, right? …
China’s Cyber Offensive: FBI Director Reveals Unmatched Scale of Hacking Operations
WASHINGTON – In a startling revelation, FBI Director Chris Wray disclosed at a recent conference that China’s cyber espionage capabilities are so extensive, they are bigger than the efforts of all other major nations combined.
CyberheistNews Vol 13 #38 No Dice for MGM Vegas As It Battles Ransomware Attack Downtime
Romance Scams That Run Your Crypto Wallet Dry
Scammers are using dating sites to lure victims into phony cryptocurrency investment schemes, according to Sean Gallagher at Sophos.
The International Joint Commission Falls Victim to Ransomware Attack; 80GB Of Data Stolen
The International Joint Commission (IJC), an organization that handles water issues along the Canada–United States border, was hit by a ransomware attack, the Register reports.
[New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blocklist
Now there’s a super easy way to keep malicious emails away from all your users through the power of the KnowBe4 PhishER platform!
Mark Cuban’s MetaMask wallet drained nearly $900,000 in suspected phishing attack
Dallas Mavericks owner and well-known investor Mark Cuban reportedly lost nearly $900,000 in a phishing attack targeting his MetaMask cryptocurrency wallet.