Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How Hackers Exploit Microsoft Teams in Social Engineering Attacks

Attackers are using Microsoft Teams calls to trick users into installing the Matanbuchus malware loader, which frequently precedes ransomware deployment, according to researchers at Morphisec. Matanbuchus is a malware-as-a-service offering that allows threat actors to install additional payloads onto infected Windows systems. “Over the past nine months, Matanbuchus has been used in highly targeted campaigns that have potentially led to ransomware compromises,” Morphisec says.

Malicious Connectors Potentially Impact Hundreds of Millions of Microsoft 365 Users

Most Microsoft 365 users aren’t aware of this recently growing serious email threat vector. I have been teaching about the risks of Microsoft email rules, forms and connectors on email clients and servers for decades. Both can be created by an attacker learning your email address and logon credentials (e.g., password or MFA codes).

Boost Your Browsing Security: Integrate SecurityCoach with Microsoft Edge for Business

Managing the security gap between your technical defenses and user behavior just got easier! Introducing KnowBe4 SecurityCoach for Microsoft Edge for Business integration. As one of the only human risk management platforms with a native reporting connector in Microsoft Edge for Business, SecurityCoach now transforms your browser into a real-time coaching platform.

KnowBe4 Named a 2025 Gartner Peer Insights Customers' Choice for Email Security Platforms

KnowBe4 is excited to announce that we have been recognized as an overall Customers’ Choice in the July 2025 Gartner Peer Insights Voice of the Customer for Email Security Platforms Report. The Gartner Peer Insights Customers’ Choice distinction is based on feedback and ratings from end-user professionals who have experience purchasing, implementing and/or using a product or service.

Bridging the Gap: Human Risk in African Cybersecurity

Africa's cybersecurity landscape presents a paradox: a widespread belief in preparedness among organisations, although significant blind spots continue to exist, particularly concerning their human layer - their employees. The KnowBe4 Africa Human Risk Management Report 2025, drawing insights from 124 senior cybersecurity decision-makers across 30 African countries, uncovers several concerns in the continent's cyber readiness.

Warning: Ransomware Attacks Surged by 63% Last Quarter

Ransomware attacks increased by 63% year-over-year in the second quarter of 2025, with a total of 276 publicly disclosed incidents, according to a new report from BlackFog. Notably, there were far more ransomware attacks that weren’t publicly disclosed. The researchers note, “The figures also reveal that the scale of hidden activity remains significant, with 80.9% of all ransomware attacks going unreported.

Ransomware Trends in 2025

I’ve been following ransomware since the first one, the AIDS Cop Trojan, was released in December 1989. It locked up victim computers and asked for $300 to be sent to a Panama P.O. Box. A lot has changed since then. The invention of cryptocurrencies, particularly Bitcoin in January 2009, was largely responsible for the explosion of ransomware by 2013. This was when CryptoLocker ransomware was released to the world. Ransomware gangs have been making many billions of dollars per year ever since.

Job Seekers Beware: Many People Are Falling for Employment Scams

More than one in ten people who were targeted by job scams this year fell victim, according to a report from Resume.org. Younger people, particularly young men, are more likely to fall victim. “In total, 14% of those who received a job scam text fell victim,” the report says. “Younger workers are more likely to have fallen victim to the scam. “Twenty percent of Gen Zers fell for a job scam, followed by 16% of millennials, 10% of Gen Xers, and just 4% of boomers.

FTC Advisory: How to Protect Yourself Against Job Scams

The US Federal Trade Commission (FTC) has issued an advisory warning of job scams that impersonate well-known companies with tempting employment opportunities. The scammers are trying to steal users’ personal and financial information in order to steal their money or launch further attacks.

Thousands of Spoofed News Sites Are Pushing Push Investment Fraud Scams

Scammers are using over 17,000 phony news sites to push investment fraud, according to a new report from CTM360. These websites, which the researchers call “Baiting News Sites (BNS),” spread via legitimate ad platforms such as Google or Meta. The sites impersonate well-known news providers, including CNN, the BBC, CNBC, News24, and ABC News. If a user clicks on one of these sites, they’ll be shown a fake news article about a well-known figure promoting a phony investment opportunity.