CyberheistNews Vol 15 #25 | June 24th, 2025
Microsoft & KnowBe4 Collab: Strengthen Email Security Through Strategic Integration
Bad actors never rest. But you can count on the powerful partnership between KnowBe4 and Microsoft to bolster your cybersecurity. Combine Microsoft Defender for Office 365’s robust email and collaboration security with KnowBe4’s expertise in human risk management and advanced threat detection.
Now you have a layered defense that maximizes the strengths of both platforms. This “better together” approach delivers a seamless, effective solution to protect you from sophisticated email threats.
Microsoft Defender for Office 365 equips you with a comprehensive security framework, leveraging AI, global threat intelligence and insights into attack infrastructure. Yet, modern threats like business email compromise, zero-day exploits, and spear-phishing require specialized defenses.
KnowBe4 Defend enhances Microsoft’s protections with Agentic AI-driven threat detection, strengthening your security without disrupting your existing M365 setup.
This integration allows Defend to automatically quarantine suspicious messages within Microsoft’s workflows, streamlining your operations and giving you full visibility in a single familiar interface.
This unified experience simplifies your security management, freeing you to focus on protection rather than juggling multiple tools. The defense-in-depth strategy merges Microsoft’s machine learning with KnowBe4’s targeted algorithms, creating overlapping layers of security that shrink your attack surface.
This ensures threats that slip past one system are caught by another, speeding up your detection and response.
Beyond technical advantages, this partnership gives you flexibility and maximizes your ROI by enhancing your current infrastructure. As part of Microsoft’s ICES (Integrated Cloud Email Security) ecosystem, this collaboration sets a model for future partnerships, focusing on complementary strengths to tackle complex cybersecurity challenges.
The KnowBe4-Microsoft integration provides you with a streamlined, powerful solution, blending proven infrastructure with specialized capabilities. If you need robust email security, this partnership delivers unmatched protection and efficiency.
Blog post with links:
https://weblog.knowbe4.com/knowbe4-collaborates-with-microsoft-strengthening-email-security-through-strategic-integration
New: KnowBe4 Defend Integrates with Microsoft Defender for Office 365
This collaboration marks the launch of Microsoft’s new ICES (Integrated Cloud Email Security) vendor ecosystem, with KnowBe4 as one of only two launch partners, and revolutionizes how your organization defends against sophisticated email threats.
Why This Matters
As the threat landscape continues to evolve, a single security solution, no matter how advanced, may not catch every threat variation or attack vector. KnowBe4 Defend enhances Microsoft 365’s existing email security with agentic AI approaches and advanced inbound threat detection capabilities. This integration allows you to maintain your Microsoft security investments while adding specialized threat detection and response.
What This Means For You
- Seamless Integration – When Defend identifies potentially malicious messages, they can automatically move to Microsoft’s quarantine using your existing policies
- Unified Management – Manage all threats from a single, familiar Microsoft interface with full visibility into KnowBe4 Defend’s decisions
- Enhanced Protection – Get multiple layers of specialized detection that catch sophisticated attacks including BEC, APTs and targeted spear-phishing
- Maximized Investment – Leverage your existing Microsoft security infrastructure while adding KnowBe4’s specialized capabilities
- Reduced Complexity – Eliminate friction between security tools and streamline your security operations
This “better together” approach combines Microsoft’s robust email security infrastructure with KnowBe4’s leadership in human risk management and threat detection, creating overlapping fields of protection that dramatically reduce your attack surface.
Ready to transform your email security? Check out KnowBe4 Defend today.
See Defend in Action
https://www.knowbe4.com/merchandise/defend-demo
*Must have Microsoft Defender for Office 365 Plan 2 or Microsoft 365 E5
Warning: Voice Deepfakes Continue to Improve
AI-generated voice deepfakes present an urgent threat to organizations, according to researchers at Pindrop.
The researchers warn that speech generation tools can create realistic-sounding cloned voices in near real-time, allowing attackers to hold live conversations with victims while imitating someone the victim knows.
Additionally, these tools can now convincingly imitate human emotions, making social engineering attacks even more persuasive. “Advances in synthetic speech have enabled [text-to-speech] voices to convey emotions like pleasure, anger, empathy, and unhappiness,” the researchers write.
“AI models can now learn and imitate emotional tones from human speech, making these synthetic voices even more convincing.” These tools are readily available for anyone to use, allowing even unskilled attackers to launch sophisticated social engineering attacks.
“Fraudsters are turning to voice modulation, manipulating their pitch, cadence, tone, and volume to mimic others or confuse agents,” the researchers write. “With easy access to voice-changing apps on mobile platforms, it's now simpler to mask their identity.
For instance, a major U.S. retailer reported a surge in attackers posing as digital authorized assistants requesting account closures on behalf of customers. The rise of open-source AI platforms has dramatically lowered the barrier to creating realistic deepfakes.
In 2024 alone, Hugging Face hosted more than 2,400 TTS models and over 1,800 text-to-audio models. While these tools serve legitimate developer use cases, they’re also readily accessible to fraudsters.”
The researchers note, “Strengthening authentication protocols, implementing real-time risk assessment, and continuously training contact center representatives to recognize evolving fraud tactics remain critical defenses against these increasingly skilled adversaries.”
KnowBe4’s human risk management platform gives your organization a crucial layer of defense against social engineering attacks.
Blog post with links:
https://weblog.knowbe4.com/warning-voice-deepfakes-continue-to-improve
[Live Demo] Ridiculously Easy AI-Powered Security Awareness Training and Phishing
Phishing and social engineering remain the #1 cyber threat to your organization, with 68% of data breaches caused by human error. Your security team needs an easy way to deliver personalized training—this is precisely what our AI Defense Agents provide.
Join us for a demo showcasing KnowBe4’s innovative approach to human risk management with agentic AI that delivers personalized, relevant, and adaptive security awareness training with minimal admin effort.
See how easy it is to train and phish your users with KnowBe4’s HRM+ platform:
- SmartRisk Agent™ – Generate actionable data and metrics to help you lower your organization’s human risk score
- Template Generator Agent – Create convincing phishing simulations, including Callback Phishing, that mimic real threats. The Recommended Landing Pages Agent then suggests appropriate landing pages based on AI-generated templates
- Automated Training Agent – Automatically identify high-risk users and assign personalized training
- Knowledge Refresher Agent and Policy Quizzes Agent – Reinforce your security program and organizational policies.
- Enhanced Executive Reports – Track user activities, visualize trends, download widgets, and improve searching/sorting to provide deeper insights and streamline collaboration
See how these powerful AI-driven features work together to dramatically reduce your organization’s risk while saving your team valuable time.
Date/Time: Wednesday, July 9, @ 2:00 PM (ET)
Save My Spot:
https://information.knowbe4.com/kmsat-demo-1?partnerref=CHN
Google Report Outlines the Latest Scam Trends
Researchers at Google have published a report on the latest scam trends, noting an increase in travel-themed scams targeting people preparing for their summer vacations.
“Ahead of the summer vacation season, our teams have observed a spike in travel scams,” the researchers write. “Fake travel websites lure users into booking travel with a promise of ‘too good to be true’ prices, experiences, or discounts.
“These deceptive sites often imitate well-known hotels or pose as legitimate travel agencies, a tactic particularly prevalent during holidays and major events when people book travel via messaging apps or phone.”
Threat actors are also using commodity phishing kits to launch waves of package delivery scams that trick people into sending money or visiting malicious websites.
“Package tracking scams exploit the widespread use of online shopping and package delivery services by sending fraudulent messages that appear to be from legitimate delivery companies,” the researchers write. “These scams often trick users into paying additional ‘fees’ that real delivery services would never request.
“Our teams have observed these scams impersonating a wide variety of global brands. A key tactic is how quickly scammers adapt their websites and messages, often changing content based on when the link is sent to a user. They achieve this rapid deployment using phishing kits like Darcula and Xiu Gou, which mimic legitimate websites and brands almost instantly.”
Blog post with links:
https://weblog.knowbe4.com/google-report-outlines-the-latest-scam-trends
[Free Phish Alert Button] Give Your Employees a Safe Way to Report Phishing Attacks with One Click!
Phishing attacks are growing in sophistication, posing a severe threat to organizations.
Users need a consistent process for reporting these emails, and InfoSec teams need one platform to manage the influx of reported emails.
KnowBe4’s Phish Alert Button (PAB) gives your users a safe way to report email threats to the security team for analysis, and automatically deletes the email from the user’s inbox to prevent further exposure.
Phish Alert Button Benefits:
- Reinforces your organization’s security culture
- Users can report suspicious emails with just one click
- Your Incident Response team gets early phishing alerts from users, creating a network of “sensors”
- Email is deleted from the user’s inbox to prevent future exposure
- Easy deployment via MSI file for Outlook and G Suite deployment for Gmail (Chrome)
KnowBe4’s PAB works across most Outlook and Google workspaces. Outlook users should leverage our Microsoft Ribbon PAB for a frictionless experience!
Get your Phish Alert Button Now:
https://information.knowbe4.com/free-phish-alert-chn
[MUST WATCH] Andrej Karpathy: “Software Is Changing (Again)”
This week Karpathy released a fantastic video with his big-picture vision of AI. (He was the AI chief for Tesla for a long time.) It’s less than 40 minutes, so great for a lunch and learn. He goes from Software 1.0 to 2.0 and now 3.0, but the most interesting thing is that he positions AI as the new operating system: https://youtu.be/LCEmiRjPEtQ?si=D6cyWkhKJvT7RLoQ
And then I found this brand-new Google video and guess what they’re showing? Here is how Gemini 2.5 Flash-Lite writes the code for an OS-like UI and its contents based solely on the context of what appears in the previous screen — all in the time it takes to click a button. Fascinating and scary: https://x.com/i/standing/1935719933075177764
Let’s stay safe out there.
Warm regards,
Stu Sjouwerman, SACP
Founder and Exec Chair
KnowBe4, Inc.
PS: [BUDGET AMMO]: Mitigating AI Threats: Bridging the Gap Between AI and Legacy Security:
https://www.securityweek.com/mitigating-ai-threats-bridging-the-gap-between-ai-and-legacy-security/
Quotes of the Week
“Peace cannot be kept by force; it can only be achieved by understanding.”
– Albert Einstein – Physicist (1879 – 1955)
“An eye for an eye only ends up making the whole world blind.”
– Mahatma Gandhi – Leader of Indian Independence Movement (1869 – 1948)
You can read CyberheistNews online at our Blog
https://weblog.knowbe4.com/cyberheistnews-vol-15-25-microsoft-and-knowbe4-collab-strengthen-email-security-through-strategic-integration
Security News
Russian Threat Actor Uses Social Engineering to Compromise Google Accounts
Researchers at Google observed a Russian state-sponsored phishing campaign that attempted to compromise users’ Google accounts by tricking them into handing over application-specific passwords. The attackers built trust by conversing with the victims before initiating the attack.
“In cooperation with external partners, Google Threat Intelligence Group (GTIG) observed a Russian state-sponsored cyber threat actor impersonating the U.S. Department of State,” the researchers write.
“From at least April through early June 2025, this actor targeted prominent academics and critics of Russia, often using extensive rapport building and tailored lures to convince the target to set up application-specific passwords (ASPs). Once the target shares the ASP passcode, the attackers establish persistent access to the victim’s mailbox.”
ASPs are legitimate features included with Google accounts, but many users are unfamiliar with them and may inadvertently fall for this attack.
“Targets who responded received an email with a benign PDF lure attached. The State Department themed lure is customized to the target and contains instructions to securely access a fake Department of State cloud environment.
“This included directing victims to go to https://account[.]google[.]com and create an Application Specific Password (ASP) or ‘app passwords.’ ASPs are randomly generated 16-character passcodes that allow third-party applications to access your Google Account, intended for applications and devices that don’t support features like 2-step verification (2SV). To use an ASP you must set it up and provide a name for the application.”
Google notes that setting up an ASP is not recommended and usually is not necessary. Users should avoid this feature unless they know what they’re doing, and you should be very suspicious if a third party asks you to set up one of these passwords.
“Users have full control over their ASPs and may create or revoke them on demand,” Google explains. “Upon creation, Google sends a notification to the corresponding account Gmail, recovery email address, and any device signed in with that Google account to ensure the user intended to enable this form of authentication.”
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 Human Risk Management platform to strengthen their security culture and reduce human risk.
Google has the story:
https://cloud.google.com/weblog/matters/threat-intelligence/creative-phishing-academics-critics-of-russia
Europol Warns of Social Engineering Attacks
Social engineering remains a primary initial access vector for cybercriminals, according to a new report from Europol.
“Social engineering, which exploits human error to gain access to systems or personal information, stands out as a prominent technique used by criminal actors in this context,” Europol says. “Initial Access Brokers (IABs) have been increasingly focused on using such techniques for the acquisition of valid account credentials as an entry point to the victims’ systems.
“This initial access can then be leveraged in a multitude of ways by criminal actors. For example, access credentials for remote services are widely used by ransomware groups and their affiliates to compromise corporate networks, which can lead to data theft (exfiltration) and the deployment of ransomware.”
The report also warns of a surge in infostealer malware, allowing criminals to gather information that can be used in future attacks.
“Phishing techniques are the main vector for the distribution of infostealers,” Europol says. “Criminals use a variety of techniques to achieve this, including sending emails, text messages, or messages on social media that contain malicious attachments or URLs which introduce malware into the victim’s system.
“Malicious websites are also propagated through search engine advertising tools and search engine optimization (SEO) poisoning. In the latter case, criminals manipulate web search results to steer users to websites containing malware.”
Europol also notes that AI tools have increased the effectiveness of social engineering attacks, enabling threat actors to easily generate convincing lures. “The efficacy of many of the aforementioned social engineering techniques has been improved by the wider adoption of LLMs and other forms of generative artificial intelligence (genAI),” the researchers write.
“Phishing texts and scripts, generated to incorporate the language and cultural nuances of the victims’ location, can increase the efficacy of campaigns. Recent research on the topic indicates that phishing messages generated by LLMs have a significantly higher click-through rate than those likely written by humans.”
Europol has the story:
https://www.europol.europa.eu/media-press/newsroom/information/steal-deal-repeat-cybercriminals-cash-in-your-data
What KnowBe4 Customers Say
“I wanted to let you know what a positive experience it has been having Eniz as my sales rep and especially, Travis as my KnowBe4 customer success / implementation partner.
Travis is very knowledgeable, flexible, and explains everything very clearly. Always keen and ready to help, he's been instrumental in getting my org launched with your SAT. I appreciate that he understands that given the many demands in a start-upish company.
I’d also like to say that while I haven't yet had the chance to learn all about intricacies of the platform, it does seem impressive and the whole process of responding to my request for a sales call and getting the signing done with Eniz was great.
I look forward to working further with Travis and implementing more of your platform and content.”
J.L. – Director of Finance
The 10 Interesting News Items This Week
Cyberheist ‘Fave’ Links