Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Your Email is Protected. Is Your Teams Chat?

For years, security teams have poured resources into locking down the inbox, and for good reason. Email has always been the front door for phishing and social engineering. Unfortunately, another door has been left wide open: Microsoft Teams. Threat actors are increasingly posing as IT helpdesk staff inside Microsoft Teams chats, exploiting the built-in trust employees place in their internal collaboration tools to steal credentials and take over accounts.

Hyper-Targeted Social Engineering Needs Real-Time Video Response

There’s an important metric that can tell you exactly how vulnerable your high-risk employees and departments are to the next generation of social engineering. It’s not phishing click rates or training completion percentages. It probably doesn’t show up on any security dashboard. It’s the precise number of days it takes your team to respond to a live, context-specific threat with adequate training – training time to market.

2026 Phishing by Industry Benchmarking Report: Findings on Human Risk

Every year, KnowBe4 analyzes millions of simulated phishing tests to measure one thing: how likely is your workforce to fall for a phishing attack? The results, published in the 2026 Phishing by Industry Benchmarking Report, paint a clear picture of where human risk concentrates — and what organizations can do about it. Here are the key findings security leaders need to know.

Static DLP Is Leaving You in the Dark: Why It's Time for Intelligent, Self-Serve Outbound DLP and Misdirected Content Analysis

When we think about email security, our minds almost always jump to the inbound threats: the sophisticated phishing lures, the AI-generated business email compromise (BEC) attacks, and the malicious attachments knocking at the perimeter. But there is a silent, internal crisis happening on the way out of your organization. And chances are, you’re flying completely blind to it.

Cybercriminals Are Targeting the FIFA World Cup 2026

Lead Analysts: Jeewan Singh Jalal and Louis Tiley KnowBe4 ThreatLabs tracked phishing campaign activity from the first week of April through June 22, 2026 — covering the pre-tournament build-up, tournament kickoff and the first twelve days of live match play. Our latest intelligence adds crucial mid-tournament telemetry (June 15-22), a newly identified reply-back campaign track and additional infrastructure intelligence.

5 Essential Cybersecurity Defenses for Cloud Email Security

Cloud email has become the center of modern business. Regardless of your organization's industry or size, email connects employees, customers, vendors, executives, financial systems and critical business processes. Unfortunately, attackers know this too. For cybercriminals, compromising an email account is often like finding the master key to a building. Once inside, they may be able to steal information, impersonate employees, redirect payments, spread malware or gain access to other systems.

Shadow AI Is Not Shadow IT With a Better Marketing Budget

I saw a venn diagram on social media. One circle is Shadow IT, one circle is Shadow AI, a substantial overlap, and the implicit message is that they are effectively the same challenge. They aren’t and that the assumption can lead to many problems. Looking back, shadow IT was like watching a crash in slow-motion. Employees using technology IT hadn't sanctioned. Personal Dropbox accounts. Unofficial Slack workspaces.

Phishing Exposes Employee Data at 86% of Fortune 100 Companies

A new report from SpyCloud has found that phishing attacks have exposed employee data at 86% of Fortune 100 companies over the past 12 months, with the technology, airline and automotive sectors being hit the hardest. The researchers also found that 78% of organizations experienced an increase in phishing volume over the past year. Additionally, 84% of respondents named AI-assisted phishing as their top concern, followed by business email compromise (BEC) attacks.

Cybersecurity Starts At Home This World Social Media Day

Remember when "social media safety" meant advising employees not to post pictures of their security badges or laptop screens? Back then, corporate risk and personal scrolling felt like two entirely separate worlds. Today, that boundary has completely dissolved. Social media has become a primary staging ground for sophisticated social engineering attacks targeting your workforce, and their families.