Tag: KnowBe4

Sawfish Spearphishing Attacks Continue, Prompting Password Resets on GitHub and DeepSource

A new wave of attacks on GitHub users via app developer DeepSource has raised concerns over access to user credentials and development code. I’ve written about phishing attacks targeting GitHub users previously. But this month, users of GitHub partner DeepSource were notified of a security incident in which at least one of DeepSource’s employee credentials […]

1 in 3 Employees Rarely or Never Think About Cybersecurity

Eye-opening data around the impact of human error demonstrates how simple user mistakes can compromise your organization’s cybersecurity posture. It’s something we all know – employees that aren’t paying attention to corporate security aren’t helping. But new data from email security vendor Tessian quantifies this notion with some pretty surprising data. In their Psychology of […]

An Old Dog with Some New Tricks

The Emotet botnet is now including stolen attachments in its phishing emails to increase the appearance of authenticity, BleepingComputer reports. The botnet is well-known for targeting the contacts of compromised email accounts with phishing emails that are sent as replies to existing email threads, but the use of legitimate, benign attachments in these emails is […]

New Phishing Attack Targets 200M+ Microsoft 365 Accounts Via Malicious Excel .SLK Files to Bypass Security

Using an old (but supported) Excel filetype, attackers can bypass both Exchange Online Protection and Advanced Threat Protection to run malicious macros. Security researchers at Avanan have discovered a new attack method where cybercriminals send phishing emails that contain what appears to be an Excel spreadsheet. The file is actually an SLK file – a […]

New Calendar Invitations as Phishbait Attack Wave

BleepingComputer warns that cybercriminals are using calendar invites to send phishing links to Wells Fargo customers. Researchers at Abnormal Security discovered this phishing campaign in mid-June, and it’s targeted more than 15,000 people. The attackers are sending emails purporting to come from Wells Fargo that inform the recipient that they need to update their security […]

WARNING: The List of Ransomware-Turned-Data Breach Operators is Getting Long

Seeing a better opportunity to generate more “revenue” from their victims, the idea of ransomware also exfiltrating data to be used to extort the payment is gaining steam. Ransomware started as little more than a nuisance, impacting just a few endpoints. Then the idea of spreading throughout a network to infect as many machines as […]

Pyongyang’s Phishing with Job Offers

An attack campaign with possible ties to North Korea’s Lazarus Group targeted aerospace and military companies in Europe and the Middle East with spear phishing attacks late last year, according to researchers at ESET. The campaign, which the researchers call “Operation In(ter)ception,” used social engineering attacks on LinkedIn to trick employees into opening malware-laden documents. […]

Prediction: Ransomware Attacks to Spike as Employees Return to the Office

Because of the nature of ransomware attacks and the mass numbers of workers at home, anti-malware vendor Emisoft believes we’re going to see a rise once work returns to normal. Ransomware is a numbers game: launch enough attacks and a percentage of them will return revenue back to you. This rings true regardless of whether […]

Why People Don’t Learn (It’s Not Always Their Fault)

IT and security managers often fail to understand how well their employees actually absorb cybersecurity training, according to a survey from Mimecast and Forrester Consulting. The survey gathered responses from 120 senior IT and cybersecurity managers at companies in Australia, Hong Kong, New Zealand, and Singapore, as well as from 240 employees that worked within […]

COVID-19 Security Hints & Tips Email Templates In 10 Additional Languages

KnowBe4’s Product Content team is happy to announce that their 9 COVID-19 Security Hints and Tips email templates are now available in 10 additional languages. The new emails are available in: German (DE-DE) French – Canada (FR-CA) French – France (FR-FR) Japanese (JP-JP) Dutch (NL-NL) Portuguese – Brazil (PT-BR) Spanish – Latin America (ES-LA) Spanish […]