KnowBe4, Friday, February 13th, 2026
New Book! How AI And Quantum Impact Cyber Threats And Defenses
I am excited to announce my latest book, "How AI and Quantum Impact Cyber Threats and Defenses: Shaping Your Cyber Defense Strategies."
more →
232 articles · page 3 of 5
KnowBe4, Friday, February 13th, 2026
I am excited to announce my latest book, "How AI and Quantum Impact Cyber Threats and Defenses: Shaping Your Cyber Defense Strategies."
more →
KnowBe4, Thursday, February 12th, 2026
KnowBe4 Threat Labs has detected a sophisticated phishing campaign targeting North American businesses and professionals.
more →
KnowBe4, Thursday, February 12th, 2026
Researchers at Okta warn that a series of phishing kits have emerged that are designed to help threat actors launch sophisticated voice phishing (vishing) attacks that can bypass multifactor authentication.
more →
KnowBe4, Tuesday, February 10th, 2026
Trusted Platform but Same Old Phish: Now LinkedIn DMs Target Your Execs
more →
KnowBe4, Tuesday, February 10th, 2026
If you look back just a couple of years, the digital landscape looks almost unrecognizable. We've moved from AI being a cool new tool to it being at the heart of our online lives.
more →
KnowBe4, Tuesday, February 10th, 2026
Valentine's Day is usually a time for flowers and candlelight, but in recent years the digital dating landscape has shifted from a place of hope to a high-tech minefield. While "catfishing" was once the primary concern for online daters, 2026 has ushered in a more sinister era: the completely AI-enabled romance scam.
more →
KnowBe4, Monday, February 9th, 2026
The first requirements set forth for the EU AI Act start this month (February). Luckily, this regulation starts with some of the easiest components to comply with; these are related to banned activities and basic AI literacy.
more →
KnowBe4, Thursday, February 5th, 2026
Commodity phishing platforms are now a central component of the cybercriminal economy, according to researchers at Flare. These platforms allow threat actors of all skill levels to carry out advanced attacks at scale.
more →
KnowBe4, Thursday, February 5th, 2026
Researchers at Palo Alto Networks' Unit 42 warn of a proof-of-concept (PoC) attack technique in which threat actors could use AI tools to generate malicious JavaScript in real time on seemingly innocuous webpages.
more →
KnowBe4, Wednesday, February 4th, 2026
In the relentless growth of the phishing landscape, technical advances like AI have made attack methods two-pronged. They target technical weaknesses and use identity-based attacks to bypass defenses that land directly in end user inboxes.
more →
KnowBe4, Tuesday, February 3rd, 2026
A phishing campaign is abusing LinkedIn private messages to target executives and IT workers, according to researchers at ReliaQuest. The messages attempt to trick victims into opening an archive file, which will install a legitimate pentesting tool.
more →
KnowBe4, Tuesday, February 3rd, 2026
QR code phishing scammers are increasingly using visually stylized QR codes to deliver phishing links, Help Net Security reports.
more →
KnowBe4, Thursday, January 29th, 2026
One of my first intentional 'to-dos' this year has been spending time with the World Economic Forum's Global Cybersecurity Outlook 2026, a report I was privileged to actively contribute to over the past year.
more →
KnowBe4, Wednesday, January 28th, 2026
With organizations collecting and storing massive amounts of personal data these days, much of which people share freely, we need to become better at protecting data on both the storing and sharing side of things.
more →
KnowBe4, Tuesday, January 27th, 2026
KnowBe4 Threat Labs recently examined a sophisticated dual-vector campaign that demonstrates the real-world exploitation chain following credential compromise.
more →
KnowBe4, Friday, January 23rd, 2026
Scammers are increasingly using visually stylized QR codes to deliver phishing links, Help Net Security reports. QR code phishing (quishing) is already more difficult to detect, since these codes deliver links without a visible URL. Attackers are now using QR codes with colors, shapes, and logos woven into the code's pattern.
more →
KnowBe4, Thursday, January 22nd, 2026
KnowBe4 Threat Labs recently examined a sophisticated dual-vector campaign that demonstrates the real-world exploitation chain following credential compromise.
more →
KnowBe4, Thursday, January 22nd, 2026
A widespread phishing campaign is targeting LinkedIn users by posting comments on users' posts, BleepingComputer reports.
more →
KnowBe4, Wednesday, January 21st, 2026
While organizations invest heavily in stopping threats from entering their networks, a critical vulnerability often goes underprotected: sensitive data leaving the organization through email.
more →
KnowBe4, Thursday, January 15th, 2026
Attackers are increasingly abusing network misconfigurations to send spoofed phishing emails, according to researchers at Microsoft. This technique isn't new, but Microsoft has observed a surge in these attacks since May 2025.
more →
KnowBe4, Wednesday, January 14th, 2026
Researchers at RavenMail warn that a major phishing campaign targeted more than 3,000 organizations last month, primarily in the manufacturing industry.
more →
KnowBe4, Tuesday, January 13th, 2026
When You Can't Believe Your Eyes: AI and the New Misinformation Playbook
more →
KnowBe4, Thursday, January 8th, 2026
Email has been the backbone of business communication for decades and as such, it remains the attacker's favorite doorway into an organization.
more →
KnowBe4, Wednesday, December 31st, 2025
Find Out What Happens When You Call a Cybercriminal
more →
KnowBe4, Tuesday, December 30th, 2025
Researchers at Push Security have observed a new variant of the ClickFix attack that combines 'OAuth consent phishing with a ClickFix-style user prompt that leads to account compromise.'
more →
KnowBe4, Friday, December 19th, 2025
A popular phone call/voicemail scam (i.e., vishing) involves someone calling you, claiming to be law enforcement with a warrant for your arrest, and then offers you an opportunity to avoid arrest by paying the 'fine.'
more →
KnowBe4, Thursday, December 18th, 2025
Today, anyone can find a picture of absolutely anybody and it is also not difficult to find a sample of their voice. By combining these it is shockingly easy to create a realistic AI deepfake video of that person.
more →
KnowBe4, December 10,2025
State of Human Risk 2025 Report Shows Increase in Both Human-Related Security Incidents and AI Application Breaches
more →
KnowBe4, December 10,2025
Researchers at SpyCloud have observed a 400% year-over-year increase in successful phishing attacks, with a disproportionate number of attacks targeting corporate accounts
more →
KnowBe4, Thursday, December 4th, 2025
KnowBe4, the platform that comprehensively addresses AI and human risk management, has been recognised as a Leader in the 2025 Gartner Magic Quadrant for Email Security Platforms for the second consecutive year and acknowledged specifically for its Ability to Execute and Completeness of Vision.
more →
KnowBe4, Friday, November 28th, 2025
A large phishing campaign is using phony seasonal party invites to trick users into installing remote management and monitoring (RMM) tools, according to researchers at Symantec.
more →
KnowBe4, Friday, November 28th, 2025
Here's a curious thing about people, sometimes we crave the familiar, and sometimes we demand the novel.
more →
KnowBe4, Wednesday, November 26th, 2025
Between 1:48pm ET on October 29 and 6:53pm ET on October 30, 2025, KnowBe4 threat analysts observed a high volume of phishing emails detected by KnowBe4 Defend that were sent from the legitimate domain of one of the world's largest sportswear brands.
more →
IT Security Guru, Tuesday, November 18th, 2025
New KnowBe4 Studios leverages the variety of world-class training brands under the KnowBe4 umbrella; Over 100 million learners educated globally
more →
KnowBe4, Thursday, November 13th, 2025
Cybereason warns that the Tycoon 2FA phishing kit continues to receive upgrades, allowing unskilled cybercriminals to launch sophisticated social engineering attacks. The platform is known for its ability to bypass multi-factor authentication measures.
more →
KnowBe4, Friday, November 7th, 2025
Researchers at Appknox warn that malicious apps are impersonating popular AI tools like ChatGPT and DALL-E to trick users into installing malware on their mobile devices. Some of these apps simply collect user data to be sold to advertising services, while others act as full-fledged malware.
more →
KnowBe4, Friday, November 7th, 2025
A phishing campaign is using invisible characters to evade security filters, according to Jan Kopriva at the SANS Internet Storm Center.
more →
KnowBe4, Tuesday, October 28th, 2025
Block Attackers Who Abuse Grok to Spread Phishing Links
more →
KnowBe4, Monday, October 27th, 2025
This story happened a decade ago, when I was working at a Fortune 10 company. 'Smartest' is subjective, but most of my former coworkers and external customers agreed the guy involved in this story was seen as the 'smartest' guy around.
more →
KnowBe4, Thursday, October 23rd, 2025
A phishing campaign is impersonating LastPass and Bitwarden with phony breach notifications, BleepingComputer reports.
more →
KnowBe4, Wednesday, October 22nd, 2025
Threat actors are abusing X's generative AI bot Grok to spread phishing links, according to researchers at ESET. The attackers achieve this by tricking Grok into thinking it's answering a question, and providing a link in its answer.
more →
KnowBe4, Wednesday, October 22nd, 2025
Cybernews warns that threat actors will likely take advantage of the recent AWS outage to launch phishing attacks against affected users.
more →
KnowBe4, Monday, October 20th, 2025
Ransomware is the gift that keeps on giving. and taking. I've been tracking ransomware for almost nine years now, and I've seen it progress from simple and annoying malware to an organization-ending threat for many.
more →
KnowBe4, Thursday, October 16th, 2025
Google's Mandiant has published guidance on defending against an ongoing wave of social engineering attacks targeting organizations' Salesforce instances.
more →
KnowBe4, Monday, October 13th, 2025
We've come a long way. We've deconstructed the problem, explored the complexity of humans, and laid out a strategic framework and a practical map-all of which can be explored in more detail in our Human Risk Management (HRM) whitepaper.
more →
KnowBe4, Monday, October 13th, 2025
Deepfakes are easier to create than ever and are being used to attack organizations, families and individuals.
more →
KnowBe4, Friday, October 10th, 2025
The conversation about AI in cybersecurity is missing the point. While the industry has been focused on the emergence of AI-generated phishing emails, perhaps a far more profound shift has been somewhat ignored.
more →
KnowBe4, October 1,2025
The calendar has flipped into October, so now it's time to let the Cybersecurity Awareness Month games begin!
more →
KnowBe4, September 30,2025
Law firms really are under constant pressure to meet tight deadlines, maintain client confidentiality and protect privileged communications.
more →
KnowBe4, Thursday, September 25th, 2025
Researchers at Varonis warn of a new phishing automation platform called "SpamGPT" that 'combines the power of generative AI with a full suite of email campaign tools.'
more →