Network SecurityFour ways to mitigate the abuse of generic top-level domainsStu SjouwermanJanuary 7, 2025Here’s why bad actors go after gTLDs for domain impersonation attacks – and what to do about it.
PhishingClicker Beware: Understanding and preventing open redirect attacksStu SjouwermanNovember 7, 2024Four ways security teams can mitigate open redirect attacks.
Generative AIFive ways to protect AI modelsStu SjouwermanOctober 30, 2024Here’s how bad actors attack good AI models – and what to do about it.
Distributed WorkforceFour lessons learned from our experience with a fake North Korean remote IT workerStu SjouwermanSeptember 25, 2024KnowBe4’s experience getting tricked by a remote North Korean IT worker proves that today’s state-sponsored threat actors can deceive anybody.
RansomwareWhat to do about the rise of unknown attack vectors in the ransomware playbookStu SjouwermanJune 17, 2024Many of these "unknown" attacks are old wine in new bottles, so by focusing on familiar vectors like phishing, teams will find that these threats will decrease.
PhishingWhat security agencies, regulators, and businesses get wrong about cybersecurityStu SjouwermanApril 9, 2024The industry needs to focus on the root cause of the vast majority breaches: human error.
Cloud SecurityStop chasing shadow IT: Tackle the root causes of cloud breachesStu SjouwermanFebruary 6, 2024Here are the five root causes of cloud breaches and five ways to mitigate them.
Email securityHow a layered security approach can prevent AI-based phishing Stu SjouwermanJuly 24, 2023Here are four ways to protect the organization from AI-based phishing attacks.
ContentFlying Under the Radar: Four Increasingly Common Phishes You Should Know AboutStu SjouwermanJune 19, 2018
