213 articles · page 2 of 5
KnowBe4, Sunday, March 15th, 2026
Sending an unsecured email can be likened to writing sensitive information on a sticky note and leaving it on someone else's desk: anybody can intercept and share that information. Fortunately, there are ways to ensure your emails are safe from the prying eyes of hackers through encryption, meaning your message - no matter how sensitive - is seen only by the intended recipient.
more →
KnowBe4, Saturday, March 14th, 2026
When we think about misdirected email, we often put ourselves in the shoes of the sender. After all, nobody wants to tell their manager that they might (however accidentally) be responsible for a data breach. But what you do when you're on the other side of the inbox?
more → KnowBe4, Friday, March 13th, 2026
- What is Email Data Loss Prevention (DLP)? - Traditionally, email data loss prevention software has used static rules to stop users from emailing sensitive or confidential data. Specifically, email DLP protects organizations from accidentally exposing sensitive data such as bank account numbers, passwords, credit card numbers, intellectual property, or trade secrets.
more → KnowBe4, Thursday, March 12th, 2026
The US Federal Bureau of Investigation (FBI) has issued an advisory warning of a phishing campaign that's impersonating city and county officials to send phony requests for permit fees.
more → KnowBe4, Wednesday, March 11th, 2026
The number of ransomware attacks increased by 50% in 2025, even though the number of victims who decided to pay the ransom fell to an all-time low, according to a new report from Chainalysis.
more → KnowBe4, Tuesday, March 10th, 2026
Our increasing dependence on the internet and specifically email for business and personal communication has produced the perfect environment for cybercriminals to launch phishing attacks.
more → KnowBe4, Tuesday, March 10th, 2026
Security awareness programs are built on measurement. Before you can reduce human risk, you need a clear understanding of where knowledge gaps exist across your workforce. For many organizations, that process starts with a baseline assessment.
more → KnowBe4, Tuesday, March 10th, 2026
Yes, you need AI to defeat AI. Long-time followers of mine know that I am not an AI hype person. Some people might even call me an AI critic. I prefer to call myself an AI realist.
more → KnowBe4, Monday, March 9th, 2026
As I wrote in my recent book, How AI and Quantum Impacts Cyber Threats and Defenses, as we humans use AI more and more, AI will begin to communicate with itself using new AI-only communication methods that humans cannot easily see or read.
more → KnowBe4, Monday, March 9th, 2026
More than 90% of successful cyberattacks start with email, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). That's not because security teams lack tools, but because attackers target human decision-making.
more → KnowBe4, Saturday, March 7th, 2026
OSINT stands for open-source intelligence. It is the collection, analysis, and dissemination of information from publicly available sources, such as social media, government reports, newspapers, and other public documents.
more → KnowBe4, Friday, March 6th, 2026
Email attacks have become one of the key ways for hackers to target organizations and individuals. The sheer number of tools available has made it easier than ever for non-technical cybercriminals to launch sophisticated cyber attacks. As a result, many resources are available for each stage of the kill chain - from reconnaissance to delivery to weaponization.
more → KnowBe4, Friday, March 6th, 2026
Fake calendar invites have been a problem on Gmail for years. Even though they could appear on other calendar services, I hadn't seen or read about a lot of it. Gmail had been taking the brunt of the fake calendar invites.
more → KnowBe4, Friday, March 6th, 2026
Most data breaches don't happen because systems fail. They happen because people make routine errors.
more → KnowBe4, Thursday, March 5th, 2026
Messaging platforms are now a major vector for phishing and other social engineering attacks, according to a new report from NCC Group's Fox-IT.
more → KnowBe4, Thursday, March 5th, 2026
Email-based threats are evolving faster than traditional solutions can keep up. According to Verizon's 2025 Data Breach Investigations Report, the use of synthetically generated text in malicious emails has doubled over the past two years.
more → KnowBe4, Thursday, March 5th, 2026
Spear phishing is on the rise in the US and is quickly becoming the biggest cybersecurity threat for businesses. With more sophisticated, human-like emails and a greater reliance on email communication in general, it can be difficult to spot a standard phishing attack, let alone a spear phishing one.
more → KnowBe4, Wednesday, March 4th, 2026
Phishing isn't just increasing. It's outpacing the way many organizations test for it. Attacks have surged 400% year over year, and corporate users are now more likely to be targeted by phishing than by malware.
more → KnowBe4, Wednesday, March 4th, 2026
Our increasing dependence on the internet and, specifically, email for business and personal communication has produced the perfect environment for cybercriminals to launch phishing attacks.
more → KnowBe4, Tuesday, March 3rd, 2026
Sending a work email to the wrong person - it's something all of us have done at least once in our working lives. For some people, it's a regular occurrence. But just how risky is it?
more → KnowBe4, Tuesday, March 3rd, 2026
Threat actors are using phony meeting invites for Zoom, Microsoft Teams, Google Meet and other video conferencing applications to trick users into installing remote monitoring and management (RMM) tools, according to researchers at Netskope.
more → KnowBe4, Friday, February 27th, 2026
By the end of 2026, over 90% of all credential compromise attacks are estimated to be enabled by modular Phishing-as-a-Service (PhaaS) kits like the sophisticated, global threat, Kratos.
more → KnowBe4, Tuesday, February 24th, 2026
Social engineering remains the most reliable way into an organization-and attackers are getting better at it every day.
more → KnowBe4, Tuesday, February 24th, 2026
Threat actors are using phony meeting invites for Zoom, Microsoft Teams, Google Meet, and other video conferencing applications to trick users into installing remote monitoring and management (RMM) tools, according to researchers at Netskope.
more → KnowBe4, Tuesday, February 24th, 2026
Do Passwords Need to Be 25+ Characters Due to AI and Quantum Attacks?
more → KnowBe4, Sunday, February 22nd, 2026
Cybercriminals continually evolve their techniques, leading to more successful phishing attacks. Using techniques such as text-based attacks that utilize social engineering and highly targeted spear phishing, bad actors are able to bypass traditional email security and land in their target's inbox.
more → KnowBe4, Friday, February 20th, 2026
There's a beautiful moment happening right now, and by "beautiful" I mean "horrifying in that can't-look-away-from-the-car-crash sense'.
more → KnowBe4, Thursday, February 19th, 2026
Social engineering remained the top initial access vector for cyberattacks in 2025, with increasing assistance from AI tools, according to a report from ThreatDown. The researchers warn that AI will likely become a core component of social engineering attacks throughout 2026.
more → KnowBe4, Wednesday, February 18th, 2026
Prior to my further research into AI and quantum for my latest book, How AI and Quantum Impact Cyber Threats and Defenses, I had pretty solid password policy recommendations:
more → KnowBe4, Tuesday, February 17th, 2026
There's a moment in every security professional's career when they realise the game has fundamentally changed. Mine came last Tuesday at 3:47 PM, watching my colleague Erich argue with an AI agent about expense policy while simultaneously being phished by what I'm 87% certain was another AI agent pretending to be from IT.
more → KnowBe4, Tuesday, February 17th, 2026
Cybercriminals are abusing legitimate invoices and dispute notifications from popular services to send scam emails that bypass security filters, according to researchers at Kaseya's INKY. The attackers have used this technique to impersonate PayPal, Apple, DocuSign, HelloSign, and others.
more → KnowBe4, Friday, February 13th, 2026
I am excited to announce my latest book, "How AI and Quantum Impact Cyber Threats and Defenses: Shaping Your Cyber Defense Strategies."
more → KnowBe4, Thursday, February 12th, 2026
KnowBe4 Threat Labs has detected a sophisticated phishing campaign targeting North American businesses and professionals.
more → KnowBe4, Thursday, February 12th, 2026
Researchers at Okta warn that a series of phishing kits have emerged that are designed to help threat actors launch sophisticated voice phishing (vishing) attacks that can bypass multifactor authentication.
more → KnowBe4, Tuesday, February 10th, 2026
Trusted Platform but Same Old Phish: Now LinkedIn DMs Target Your Execs
more → KnowBe4, Tuesday, February 10th, 2026
If you look back just a couple of years, the digital landscape looks almost unrecognizable. We've moved from AI being a cool new tool to it being at the heart of our online lives.
more → KnowBe4, Tuesday, February 10th, 2026
Valentine's Day is usually a time for flowers and candlelight, but in recent years the digital dating landscape has shifted from a place of hope to a high-tech minefield. While "catfishing" was once the primary concern for online daters, 2026 has ushered in a more sinister era: the completely AI-enabled romance scam.
more → KnowBe4, Monday, February 9th, 2026
The first requirements set forth for the EU AI Act start this month (February). Luckily, this regulation starts with some of the easiest components to comply with; these are related to banned activities and basic AI literacy.
more → KnowBe4, Thursday, February 5th, 2026
Commodity phishing platforms are now a central component of the cybercriminal economy, according to researchers at Flare. These platforms allow threat actors of all skill levels to carry out advanced attacks at scale.
more → KnowBe4, Thursday, February 5th, 2026
Researchers at Palo Alto Networks' Unit 42 warn of a proof-of-concept (PoC) attack technique in which threat actors could use AI tools to generate malicious JavaScript in real time on seemingly innocuous webpages.
more → KnowBe4, Wednesday, February 4th, 2026
In the relentless growth of the phishing landscape, technical advances like AI have made attack methods two-pronged. They target technical weaknesses and use identity-based attacks to bypass defenses that land directly in end user inboxes.
more →
KnowBe4, Tuesday, February 3rd, 2026
A phishing campaign is abusing LinkedIn private messages to target executives and IT workers, according to researchers at ReliaQuest. The messages attempt to trick victims into opening an archive file, which will install a legitimate pentesting tool.
more → KnowBe4, Tuesday, February 3rd, 2026
QR code phishing scammers are increasingly using visually stylized QR codes to deliver phishing links, Help Net Security reports.
more → KnowBe4, Thursday, January 29th, 2026
One of my first intentional 'to-dos' this year has been spending time with the World Economic Forum's Global Cybersecurity Outlook 2026, a report I was privileged to actively contribute to over the past year.
more → KnowBe4, Wednesday, January 28th, 2026
With organizations collecting and storing massive amounts of personal data these days, much of which people share freely, we need to become better at protecting data on both the storing and sharing side of things.
more → KnowBe4, Tuesday, January 27th, 2026
KnowBe4 Threat Labs recently examined a sophisticated dual-vector campaign that demonstrates the real-world exploitation chain following credential compromise.
more → KnowBe4, Friday, January 23rd, 2026
Scammers are increasingly using visually stylized QR codes to deliver phishing links, Help Net Security reports. QR code phishing (quishing) is already more difficult to detect, since these codes deliver links without a visible URL. Attackers are now using QR codes with colors, shapes, and logos woven into the code's pattern.
more → KnowBe4, Thursday, January 22nd, 2026
KnowBe4 Threat Labs recently examined a sophisticated dual-vector campaign that demonstrates the real-world exploitation chain following credential compromise.
more → KnowBe4, Thursday, January 22nd, 2026
A widespread phishing campaign is targeting LinkedIn users by posting comments on users' posts, BleepingComputer reports.
more → KnowBe4, Wednesday, January 21st, 2026
While organizations invest heavily in stopping threats from entering their networks, a critical vulnerability often goes underprotected: sensitive data leaving the organization through email.
more →