New data from Verizon makes it clear that the Education sector is under attack, but also breaks down which threat actions and patterns are used most. We’ve seen Education institutions become a major focus for cybercriminals and entities like the New York State Education Department and the FBI have issued warnings.

Innovative analysis of data breaches shows which attack vectors are being used and how they’re enabled, highlighting the roles phishing and credentials play. In light of the recent release of the Verizon Data Breach Investigations Report this week, we have delved into the findings to continue our coverage of important cybersecurity issues, specifically data breaches and phishing.

For most folks, social media has become integral to their daily lives in today's hyperconnected world. They use platforms like Facebook, Twitter and Instagram to share their thoughts, experiences and personal moments with friends and family. Being online has even become a business for content creators, who share their insights and thoughts of their daily lives, from “Getting Ready With Me” (GRWM) to recording video trends of jumping over your camera to the beach or the latest dance craze.

The long-awaited annual Verizon Data Breach Investigations Report is out, and it’s made very clear that users continue to be a problem in phishing attacks. I’ve said it before, if you only read one report each year, the Verizon Data Breach Investigations Report is one you shouldn’t miss. And this year’s report starts off with a topic close to our hearts here at KnowBe4: users engaging with phishing emails and clicking links.

Is "RogerLovesTaco$24" a strong password? No! Everyone has a ton of passwords. They should be strong and unique for every site and service you use. Everyone knows this. Note: The information and recommendations in this post are supported in detail by the KnowBe4 ebook,

Newly-released data highlights our worst fears about the prevalence of phishing, and some glimmer of hope that the good guys may be winning the fight. Every quarter, the Anti-Phishing Working Group puts out a Phishing Activity Trends Report to highlight the changes in phishing attacks, including the number of campaigns, attacks, targets, and brands impersonated. The focus of the report covering 4th Quarter 2023 was the significant dip in the number of attacks in Q3 of last year.

Suspected North Korean threat actors are attempting to trick software developers into downloading malware during phony job interviews, according to researchers at Securonix. The threat actors contact software developers with seemingly legitimate employment opportunities before scheduling virtual job interviews.

With all great power, there comes an equal potential for misuse. Among the sophisticated arsenal of threat actors, impersonation attacks have surged to the forefront, which questions our sense of trust.

For many fresh out of college, the drive to land that first professional role is a top priority. Yet, new graduates can be exposed to sophisticated scams that can jeopardize not just their finances but also their identities. Imagine receiving an email that mentions your former school dean or a professor, claiming they've personally recommended you for a fantastic job opportunity.

This blog was co-written by Javvad Malik and Erich Kron. Let’s dive into the cautionary world of phishing simulations gone wrong. You know, those attempts to train users not to fall for phishing that somehow end up setting off more alarms than a Hawaiian missile alert system. Let's explore why we need to phish our users, but more importantly, how not to phish them. We turn to two of our trusted security awareness advocates Javvad Malik (JM) and Erich Kron (EK) to shed some light on the matter.