Security must evolve from a static training program into dynamic, AI-powered human and AI risk orchestration embedded across the organization.
![]()
Security must evolve from a static training program into dynamic, AI-powered human and AI risk orchestration embedded across the organization.
![]()
Fran Roberts – Studios General Manager, KnowBe4
I am thrilled to be writing my first message to you as KnowBe4’s new Studios General Manager. I joined KnowBe4 because I believe that one of the most impactful areas for next-level storytelling is in security awareness — content that genuinely changes behavior and protects people.
![]()
An initial access broker associated with the Payouts King ransomware group is using Microsoft Teams phishing to deploy a malicious Microsoft Edge web browser extension, according to researchers at Zscaler. Once the hackers have a foothold within an organization, they sell the access to the ransomware gang to conduct follow-on attacks.
![]()
Threat actors are abusing Shop, a legitimate app developed by Shopify, to launch phishing attacks, according to researchers at Gen Digital. Shop is used for making purchases and tracking orders, but threat actors are exploiting the platform to generate in-app notifications for phony invoices.
![]()
A phishing campaign is targeting small businesses across Europe, Asia, the Middle East, and the United States with emails that impersonate Interpol’s cybercrime investigation unit, researchers at Bitdefender report.
![]()
Boxers will often say, the punches that hurt the most aren’t the ones which are thrown with the most force, but the ones they didn’t see coming. I think the same is true in cybersecurity. It’s not the most advanced technically efficient, 0-day utilizing attacks that have the biggest impact, but rather those quiet ones. With no malware or suspicious login at three in the morning from an IP address in a country your company has never done business with. No alert fires. No dashboard turns red.
![]()
There’s an important metric that can tell you exactly how vulnerable your high-risk employees and departments are to the next generation of social engineering.
![]()
For years, security teams have poured resources into locking down the inbox, and for good reason. Email has always been the front door for phishing and social engineering. Unfortunately, another door has been left wide open: Microsoft Teams.
![]()