Search This Blog

BuzzSec

One-stop-shop for information security and threat intelligence news.

KnowBe4 - KnowBe4 Halloween 2018

Get link
Facebook
X
Pinterest
Email
Other Apps

October 31, 2018

Just a shot of almost 600 people in costume !!!

from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/knowbe4-halloween-2018

KnowBe4 Security Awareness Training Blog

Get link
Facebook
X
Pinterest
Email
Other Apps

Comments

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"

January 14, 2019

Eric Howes , KnowBe4 Principal Lab Researcher, found out about another insidious bad guy trick: " If you work in IT there has undoubtedly come a dark moment when you wondered to yourself just who among your employee users would be gullible enough to click through a phishing email and potentially bring down your organization. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/when-users-add-their-names-to-a-wall-of-shame

KnowBe4 - Uncovering the Sophisticated Phishing Campaign Bypassing M365 MFA

February 12, 2026

Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke KnowBe4 Threat Labs has detected a sophisticated phishing campaign targeting North American businesses and professionals. This attack compromises Microsoft 365 accounts (Outlook, Teams, OneDrive) by abusing the OAuth 2.0 Device Authorization Grant flow, bypassing strong passwords and Multi-Factor Authentication (MFA). The victim is directed to the legitimate Microsoft domain ( microsoft.com/devicelogin ) portal to enter an attack-supplied device code. This action authenticates the victim and issues a valid OAuth access token to the attacker’s application. The real-time theft of these tokens grants the attacker persistent access to the victim’s Microsoft 365 accounts and corporate data. from Human Risk Management Blog https://blog.knowbe4.com/uncovering-the-sophisticated-phishing-campaign-bypassing-m365-mfa

The Hacker News - ⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More

September 01, 2025

Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door. The news this week shows how attackers are mixing methods—combining stolen access, unpatched software, and clever tricks to move from small entry points to large from The Hacker News https://thehackernews.com/2025/09/weekly-recap-whatsapp-0-day-docker-bug.html

Labels

Inc.
Black Hills Information Security
Bleeping Computer
BleepingComputer
Business Insider
BuzzSec
Center for Public Integrity
CISA All NCAS Products
CNET
CPA Practice Adviser

CSBS
csoonline
Cyber Crimes Stories
Cyberint
Dark Reading
Dark Reading:
DSU
et al
GSB
HACKMAGEDDON
Human Risk Management Blog
Inc.
InfoSecurity-Magazine
KnowBe4 Security Awareness Training Blog
Krebs on Security
PeerLyst
Rapid7 Blog
Rapid7 Cybersecurity Blog
Recorded Future
Resources
SANS Digital Forensic and Incident Response
SANS Digital Forensics and Incident Response Blog
SANS Institute | Newsletters - Newsbites - RSS
SBS CyberSecurity
Schneier on Security
Security
Security Week
TechCrunch
Tekkersit
The Hacker News
The Hacker News - Cybersecurity News and Analysis
The Hacker News - Most Trusted Cyber Security and Computer Security Analysis
The Register - Security
Threatpost
TrustedSec
Trustwave
US-CERT: The United States Computer Emergency Readiness Team
Verdict
Wired
zdnet

Show more Show less