Latest News

KnowBe4 Earns 2023 Top Rated Award from TrustRadius

We are proud to announce that TrustRadius has recognized KnowBe4 with a 2023 Top Rated Award. With a trScore of 9.0 out of 10 and over 800 verified reviews and ratings, KnowBe4 is recognized by the TrustRadius community as a valuable player in the Security Awareness Training category. Reviewers on TrustRadius gave high marks for KnowBe4’s overall ease of use, the variety of training and phishing content available, and great customer support.

Business Email Compromise and "Confidential" Mergers and Acquisitions

A newly identified criminal organization has been observed running a large number of business email compromise (BEC) scams. Since February 2021, Abnormal Security reports the gang has been responsible for some 350 BEC campaigns against a range of companies. No particular sector is favored, but the scammers prefer larger organizations, with more than 100 of the targets being multinational corporations with offices in several countries.

Number of Ransomware Victim Organizations Nearly Doubles in March

New data shows a resurgence in successful ransomware attacks with organizations in specific industries, countries and revenue bands being the target. While every organization should always operate under the premise that they may be a ransomware target on any given day, it’s always good to see industry trends to paint a picture of where cybercriminals are currently focusing their efforts.

2023 OSSRA deep dive: jQuery and open source security

According to the 2023 “Open Source Security and Risk Analysis” (OSSRA) report, 96% of commercial code contains open source. In fact, 76% of the code scanned by Black Duck® Audit Services was open source. In other words, no matter what applications your organization builds, uses, or sells, you can be virtually certain that the application contains open source.

How to Prevent Credit Card Number Exposure in Slack for PCI Compliance

For many companies, a business credit card is part of the organization’s lifeblood. As such, access to it must be vigilantly maintained. One potential area of risk is employees sharing credit card details in collaborative SaaS applications like Slack, where these details are at significant risk of being exposed to unauthorized parties.

A Modern DLP Solution Has These Non-Negotiable Characteristics

Security professionals were once confident that the valuable data they protected was safely tucked away inside heavily fortified data centers. But as businesses of all sizes undergo digital transformation, moving their data to the cloud and across numerous distributed locations, the demands placed on legacy data protection systems have changed drastically.

What Is PAM in Cybersecurity?

Privileged Access Management (PAM) in cybersecurity is how organizations manage and secure access to highly sensitive accounts, systems and data. Without PAM, organizations are at greater risk of a cyberattack impacting privileged accounts. Continue reading to learn more about PAM and its crucial role in cybersecurity.

The Value of Holistic Visibility: Putting it All Together

Too many organizations fail to see advanced threats as they make their way into and through their systems. This is partially because organizations have too many tools feeding them more information than their staff can handle, and partially because those tools are siloed off and improperly managed, preventing comprehensive information and complete understanding of what’s happening within an organization’s IT infrastructure.

How to Keep Customers Happy by Reducing False Declines

For many financial institutions and retail businesses, there is a need to balance the risks associated with payment fraud and advanced persistent threats against the economic imperative to provide excellent customer experiences in a competitive market. When good users are mistakenly flagged as fraudsters and can’t access payment services, customers get angry and brands lose revenue. These false declines result in lost customers, damaged reputation and lower revenue.

Typosquatting 101: Types, Examples & Ways to Protect Yourself from Typosquatting Attacks

Typosquatting goes by many names: URL hijacking, domain mimicry and domain typo-squatting, to name a few. However, they all mean the same thing: malicious attackers register domain names similar to popular websites but with common typos and variations. Typosquatting aims to trick users who mistype the legitimate URL into visiting and using the fraudulent site. It is a widespread practice.