Cybersecurity issues more commonly arise from insider activity than outside activity. Of course, attacks by external threat actors still occur, but insider incidents cause most data breaches and leaks. Often, insider threat and insider risk are used interchangeably to describe cybersecurity risks posed by people with inside knowledge of a company.

For most folks, social media has become integral to their daily lives in today's hyperconnected world. They use platforms like Facebook, Twitter and Instagram to share their thoughts, experiences and personal moments with friends and family. Being online has even become a business for content creators, who share their insights and thoughts of their daily lives, from “Getting Ready With Me” (GRWM) to recording video trends of jumping over your camera to the beach or the latest dance craze.

The long-awaited annual Verizon Data Breach Investigations Report is out, and it’s made very clear that users continue to be a problem in phishing attacks. I’ve said it before, if you only read one report each year, the Verizon Data Breach Investigations Report is one you shouldn’t miss. And this year’s report starts off with a topic close to our hearts here at KnowBe4: users engaging with phishing emails and clicking links.

An offensive security strategy is a sophisticated and dynamic approach that extends beyond mere testing. It's a comprehensive plan that aligns with an organization's core mission, transforming security from a passive shield to an active spearhead. After all, in any fight, a combatant can only block punches for so long before striking back.

The cyberthreat landscape is in a state of constant evolution. As the digital dependency of businesses grows, so do the opportunities for those looking to take advantage of it. In recent years, we have witnessed an upsurge in a new type of malicious actor: the non-technical cybercriminal.

What is the government if not an organization dedicated to the creation of paperwork? All of that paperwork means something, though, and it can range from trivial to vitally important. One of the more important forms, if it’s required for your business or institution to fill out, is the DD2345 form. What is it, what is it used for, do you need one, and how does it interact with CMMC?

Higher education institutions are a growing target for cybercriminals due to the high volume of sensitive information and data they collect and use. From enrollment to matriculation, colleges and universities utilize student data for everything from financial aid packages to determining eligibility for coursework. According to a report by Check Point Research, the education sector (specifically higher education) has experienced significantly more cyber attacks than any other industry in recent years.

The EU Cyber Diplomacy Toolbox is a framework developed by the European Union to enhance its ability to prevent, deter, and respond to malicious cyber activities that may threaten its external security. The European Commission adopted the Toolbox in 2017 as part of the EU's broader strategy to promote a global, open, stable, and secure cyberspace.

Shadow IT – the use of apps or devices outside IT’s oversight – can mean that important business information is at risk of being exposed.

This month we dive into CVE-2024-27198 for JetBrains TeamCity and the controversy surrounding the patching process that contributed to it being exploited in the wild.