Acer has released a firmware update to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on affected machines.

Tracked as **CVE-2022-4020**, the high-severity vulnerability affects five different models that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G.

The PC maker described the vulnerability as an issue that "may allow changes to Secure Boot settings by creating NVRAM variables." Credited with discovering the flaw is ESET researcher Martin Smolár, who previously disclosed similar bugs in Lenovo computers.

Disabling Secure Boot, an integrity mechanism that guarantees that only trusted software is loaded during system startup, enables a malicious actor to tamper with boot loaders, leading to severe consequences.

This includes granting the attacker complete control over the operating system loading process as well as "disable or bypass protections to silently deploy their own payloads with the system privileges."

Per the Slovak cybersecurity company, the flaw resides in a DXE driver called HQSwSmiDxe.

The BIOS update is expected to be released as part of a critical Windows update. Alternatively, users can download the fixes from Acer's Support portal.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

New Flaw in Acer Laptops Could Let Attackers Disable Secure Boot Protection

Acer has released a firmware update to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on affected machines.
Tracked as CVE-2022-4020, the high-severity vulnerability affects five different models that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G.

The PC maker described the vulnerability as

Acer has released a firmware update to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on affected machines.

Tracked as **CVE-2022-4020**, the high-severity vulnerability affects five different models that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G.

The PC maker described the vulnerability as an issue that "may allow changes to Secure Boot settings by creating NVRAM variables." Credited with discovering the flaw is ESET researcher Martin Smolár, who previously disclosed similar bugs in Lenovo computers.

Disabling Secure Boot, an integrity mechanism that guarantees that only trusted software is loaded during system startup, enables a malicious actor to tamper with boot loaders, leading to severe consequences.

This includes granting the attacker complete control over the operating system loading process as well as "disable or bypass protections to silently deploy their own payloads with the system privileges."

Per the Slovak cybersecurity company, the flaw resides in a DXE driver called HQSwSmiDxe.

The BIOS update is expected to be released as part of a critical Windows update. Alternatively, users can download the fixes from Acer's Support portal.

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

The manufacturer is working to fix a vulnerability — similar to a previous problem in Lenovo laptops — that allows threat actors to modify or disable Secure Boot settings to load malware.

Acer is working to fix a firmware flaw affecting five of its laptop models. An exploit could allow attackers to disable a machine's Secure Boot settings to bypass key security measures and load malware, researchers have found.

ESET Research researcher Martin Smolar discovered the flaw, tracked as CVE-2022-4020, in the HQSwSmiDxe DXE driver on some versions of consumer Acer Aspire and Extensa notebooks. An attacker with elevated privileges can use the flaw to modify UEFI Secure Boot settings via an NVRAM variable, ESET disclosed in a series of tweets posted Nov. 28.

"#CVE-2022-4020 is found in the DXE driver HQSwSmiDxe, which checks for the 'BootOrderSecureBootDisable' NVRAM variable," according to ESET. "If the variable exists, the driver disables Secure Boot."

Secure Boot is a security feature of the Unified Extensible Firmware Interface (UEFI) 2.3.1 designed to detect tampering with boot loaders, OS files, and unauthorized option ROMs by validating their digital signatures. The feature blocks any malicious activity before it can infect the system.

By exploiting the flaw, threat actors can bypass this feature and run whatever code they want on the machine, malware or otherwise, even achieving persistence in a case in which an OS is reinstalled, the researchers said.

**Different Manufacturer, Similar Security Vulnerability**

Specifically, CVE-2020-4020 affects Acer Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G notebooks. The flaw creates a similar opportunity for attackers to the one caused by vulnerabilities tracked as CVE-2022-3430, CVE-2022-3431, and CVE-2022-3432 that ESET researchers found in early November in various Lenovo Yoga IdeaPad and ThinkBook devices, and subsequently detailed extensively in a series of tweets.

As in that case, ESET also reported the vulnerability to the computer manufacturer for remediation. Acer quickly responded on Nov. 29 with a security update corroborating Smolar's findings and stressing the serious nature of the flaw.

"By disabling the Secure Boot feature, an attacker can load their own unsigned malicious bootloader to allow absolute control over the OS loading process," the company said. "This can allow them to disable or bypass protections to silently deploy their own payloads with the system privileges."

Acer is working on a BIOS update to resolve the issue that it will post on the Acer Support site, and recommends that affected users update their BIOS, once available, to the latest version to resolve the problem. The patch also will be included as a critical Windows update, the company said.

**Common NVRAM Variable Problem**

In both the Lenovo and Acer scenarios, attackers can exploit the Acer bug by creating special NVRAM variables, the actual value of which is not important—the existence of the variable itself is the only thing an affected firmware driver checks, the researchers noted.

NVRAM variables define a name for the boot option that can be displayed to a user. The variable also contains a pointer to the hardware device and to a file on that hardware device that contains the UEFI image to be loaded.

This problem appears to be quite well known, with researchers already advising against firmware developers storing security-sensitive components in these variables. Firmware security engineer Nikolaj Schlej even tweeted a plea to firmware developers in October to "stop using common NVRAM as trusted storage" because of the security problem it poses.

"It is indeed really tempting to use NVRAM or CMOS SRAM for storing triggers for various things, but both need to be assumed being under full attacker control," he said in a response to his own tweet. "Even volatile NVRAM variables aren't completely safe because there is still a chance of incorrect attribute check."

In the case of the Lenovo flaws, it does appear that developers already were aware of the issue before it made its way into the company's laptops, as some of the affected components were only meant to be used during manufacturing and were mistakenly included in production, according to ESET.

Acer Firmware Flaw Lets Attackers Bypass Key Security Feature

Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, i someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attacker must have access to the hashed password to use this functionality.

**Impact**

Prometheus and its exporters can be secured by a web.yml file that specifies usernames and hashed passwords for basic authentication.

Passwords are hashed with bcrypt, which means that even if you have access to the hash, it is very hard to find the original password back.

However, a flaw in the way this mechanism was implemented in the exporter toolkit makes it possible with people who know the hashed password to authenticate against Prometheus.

A request can be forged by an attacker to poison the internal cache used to cache the computation of hashes and make subsequent requests successful. This cache is used in both happy and unhappy scenarios in order to limit side channel attacks that could tell an attacker if a user is present in the file or not.

**Patches**

The exporter-toolkit v0.7.2 and v0.8.2 have been released to address this issue.

**Workarounds**

There is no workaround but attacker must have access to the hashed password, stored in disk, to bypass the authentication.

**Credit**

We want to thank Lei Wan reporting this security issue.

CVE-2022-46146: Basic authentication bypass

Beverage of Choice: Krating Daeng (Thai Red Bull)
Industry Influencer he Admires: Casey John Ellis
What did you want to be when you grew up? A physician and nearly did
Hobbies (Present & Past): Motorcycling & Australian Football
Bucket List: Continuing to discover new software
Fun Fact: He currently has 2,000 tabs open

**Beverage of Choice:** _Krating Daeng_ (_Thai Red Bull_)

**Industry Influencer he Admires:** Casey John Ellis

**What did you want to be when you grew up?** A physician and nearly did

**Hobbies (Present & Past):** Motorcycling & Australian Football

**Bucket List:** Continuing to discover new software

**Fun Fact:** He currently has 2,000 tabs open

> “People keep saying to me, ‘nah this is impossible…’. Then I’ll go do it anyway and be like alright, it’s actually possible.”

Roaring through the streets of Thailand helmetless on his motorcycle wearing nothing but shorts and sandals is the perfect depiction of the controlled chaos that is Sick Codes. Sick is an electric factory; his energy is unmatched and won’t go unnoticed. A man who is defined by living life on the edge, thinking outside of the box and some mighty impressive hacking!

It all began in Australia where he grew up. In the 3rd grade he got his hands on the classroom computer and proceeded to install the original Soldier of Fortune and other adult rated games, hiding them within thousands of folders to evade deletion. His inability to follow the rules got him banned from using the class computer, and such bans became a trend for Sick.

Fast forward to high school where he was up against a lifetime ban from eBay. Unphased and agitated, he stood up his own online stores and carried about his business, on his own. A rude awakening came his way in the form of “some nation state cyber army” carding at checkout on his stores, having one of his hundreds of sites defaced as a result. This would be the beginning of Sick’s security trajectory. For him, the silver lining of getting hacked was a fire that ignited in him, a burning desire to uncover how things happen the way they do. This curiosity was now permanently engrained in his being, always reading between the lines, inspecting all software he uses, and rejecting the notion that something is impossible. The curiosity was so strong, Sick now devotes significant time discovering zero-day vulnerabilities in many software projects, including several Microsoft Azure Open-Source projects.

If you’ve met the man, you would never expect he wanted to pursue a relatively tame career path as an aspiring medical professional. However, unpredictable by nature, Sick seeks out excitement and prefers to live on the edge, or slightly over it. Roughly 10 years ago Sick left his home country for the rest of the World. He says he’s been to around 40 countries now, and his time in Sur America was his favorite, but also the furthest thing from tame, more like a blur of hedonism mixed with getting really, really good at code, computers, and attacking both of those. While wild, it was also formidable for his hacking career having committed 10-18 hours a day, sometimes up to 30 hours straight, racking up vulnerabilities and beginning to master the art of “cyber-warfare”. Apart from offensive cyber security, he was also able to learn Spanish.

Wishing to remain anonymous and seemingly never in one place, it was about time his work put him on the map. Sick said the turning point in his career was when the acting secretary for Homeland Security gave him a ‘shout out’ for discovering large security holes in the Android TV manufacturer, TCL. The vulnerabilities he discovered in 2020 on the Android Smart TVs made him a mainstay, wreaking havoc in the field of security research.

Sick admittedly was not exactly an angel growing up, however he has now, “changed his ways” for the better. He now only performs good faith security research and is an approachable ethical hacker that provides resources for those who, like him, are also acting “in good faith”. Moreover, Sick helps co-maintain a Repositor_y of Legal Threats Against Security Researchers on GitHub_ with the goal of educating organizations on the benefits (and harsh realities) of ethical hacking, while helping researchers stay on the right side of the law. While a bit of a rebel, people respect his work and he’s built a vast community to show for it.

Sick has what he describes as an innate obligation to show others the ropes, having once been reliant on free software. Now he is a stern advocate for free software and a well-rounded coder, with very large GitHub following, and throughout the security research community. His Docker-OSX open-source project on GitHub has nearly 25,000 stars, over 400,000 downloads, and he personally maintains another 20+ packages, with thousands of contributions, and counting. His influence continues on Twitter and Discord where he keeps other researchers on the edge of their seats awaiting his next major breakthrough and thousands of followers in the loop about his package updates, project developments, feedback, and support.

Not listening to others when told how to be or what to do, Sick embodies the mindset of a hacker. With some style points and a devilish grin on his face he is motivated to expose anything that isn’t right in the research space, targeting the most highly used products and industries. If your local McDonalds soft-serve machine is out of service, you may have a bone to pick with Sick. Microsoft made his hit list as well, and he is quickly moving up the MSRC 2022 Most Valuable Researcher (MVR) Azure Leaderboard with at least five valid vulnerability reports submitted in the past year, and achieving Top 10 positions for Azure Cloud security, which he says he is very proud of. The contributions don’t actually stop there, with dozens of newsworthy findings showcased on his website, and plenty more to come knowing Sick.

Speaking of… Sick stole the show at this year’s DefCon with his viral tractor hack. In his most notable exploit and demo yet, he broke into a widely used agricultural touch screen terminal, gaining root access, and eventually crafting a crude jailbreak that went absolutely viral. To top that off, he reconfigured the console to run a modified tractor-themed version of the 90’s shooter game Doom. His passion is pushing computers to their limits, and there’s no denying that going against the grain was the right path for Sick. While the tables have turned, some things just never change.

A Ride on the Wild Side with Hacking Heavyweight Sick Codes

LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat.

CVE-2022-41568

The /device/acceptBind end-point for Ourphoto App version 1.4.1 does not require authentication or authorization. The user_token header is not implemented or present on this end-point. An attacker can send a request to bind their account to any users picture frame, then send a POST request to accept their own bind request, without the end-users approval or interaction.

CVE-2022-24190: Automating Unsolicited Richard Pics; Pwning 60,000 Digital Picture Frames

By Waqas
The flaw is tracked as CVE-2022-40684 in FortiOS, while its exploit is being sold on a popular Russian hacker forum.
This is a post from HackRead.com Read the original post: Critical Flaw Exploited to Bypass Fortinet Products and Compromise Orgs

While performing routine monitoring, Cyble’s Global Sensor Intelligence (GIS) discovered a threat actor is distributing unauthorized access to several Fortinet VPNs on a Russian cybercrime forum.

When they evaluated the access, researchers realized that the attacker was trying to add a new public key to the admin user’s account. Further probe revealed that the targeted organizations used outdated FortiOS software.

This indicated the attacker was managing authentication bypass by exploiting a channel or alternate path flaw tracked as **CVE-2022-40684** in FortiOS. This authentication bypass flaw lets an unauthorized/unauthenticated attacker exploits the administrative interface.

**Impacted Products and Firmware Versions**

According to Cyble’s research published on November 24, 2022, multiple **Fortinet** versions are affected by this flaw, including FortiOS, FortiProxy, and FortiSwitchManager. The vulnerability allows an attacker to perform operations on the “administrative interface” through specially created HTTPS or HTTP requests, Cyble’s **advisory** read.

As seen by Hackread.com, another threat actor on the same Russian hacker forum is currently offering the same Fortinet VPN exploit. In a listing published earlier today, the threat actor cited Censys’s search that showed there are over 400,000 exposed devices.

According to Cyble’s researchers, the following are the impacted versions of FortinetOS.

1.  FortiProxy version 7.2.0
2.  FortiSwitchManager version 7.2.0
3.  FortiSwitchManager version 7.0.0
4.  FortiOS version 7.0.0 through 7.0.6
5.  FortiOS version 7.2.0 through 7.2.1
6.  FortiProxy version 7.0.0 through 7.0.6

**Vulnerability Details**

Research revealed that Fortinet software had been targeted since 17 October 2022. The attacker exploits the controlling mechanism of a function to target impacted versions of Fortinet products.

The function evaluates the affected devices’ access to another functionality called REST API. The attacker adds an SSH key to the admin account when exploiting the flaw to access SSH and invade the impacted system as admin.

To further compromise the system, the threat actor will modify the admin user’s SSH key and log in to the infected system. Then they would add new local users and update networking configurations for rerouting traffic. Next, the attacker downloads the system configuration and initiates packet captures for capturing sensitive system information.

**The Dark Web Connection**

According to researchers, there are over a hundred thousand internet-exposed FortiGate firewalls that are under the radar of attackers and vulnerable to the flaw. Given the sheer number of exposed products, the vulnerability was categorized as critical.

Researchers suspect that sensitive system data, configuration information, and network details might be shared over **the Dark Web**. That’s because the attacker can add or update a valid public SSH key to the targeted account on a system and gain full access to that system.

Moreover, the attacker may launch additional attacks against the remaining IT ecosystem of the organization after obtaining information via exploitation of this flaw. They are distributing initial access over the **Dark Web**, which has been used in several high-profile attacks lately.

1.  **Russia Hackers Abusing BRc4 Red Team Penetration Tool**
2.  **34 Russian Hacking Groups Stole 50 Million User Passwords**
3.  **Hackers leak login credentials of vulnerable Fortinet SSL VPNs**
4.  **Hackers Selling US Colleges VPN Credentials on Russian Forums**
5.  **Data of 21M SuperVPN, and GeckoVPN users leaked on Telegram**

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Critical Flaw Exploited to Bypass Fortinet Products and Compromise Orgs


Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server.



Es conveniente leer la información siguiente antes de actualizar a esta versión

**

**Información importante sobre los ejecutables de 32 bits para Windows**



**

Esta es la última versión en la que se distribuirán los ejecutables de 32 bits para Windows.

**

**Los comandos y opciones de compactar y vaciar tabla estaban disponibles solamente en servidores cloud y con suscripción (Resuelta en 32.1)**



**

**

Nuevo sistema de activación de licencias de Velneo vServer



**

A partir de la versión 32 cambia el sistema de licenciamiento y las licencias se activarán desde

Velneo vAdmin

. Haz clic

aquí

para ampliar información al respecto.

En mi Velneo, ahora verás que una licencia tiene dos códigos distintos, uno con el formato **VLS-XXXX-XXX**, que será el que se deberá usar para activarla con la versión 32 y superiores y el otro, que usaremos cuando queramos activarla en servidores de la versión 31 o anteriores, que se seguirá activando con

Velneo vActivator

.

**

A partir de esta versión todos los servidores arrancarán con protocolo VATPS



**

El

protocolo VATPS

permite establecer conexiones seguras estándar TLS/SSL lo que provee de privacidad e integridad a las comunicaciones en red entre todos los componentes de Velneo. Es decir, no solo la comunicación se envía cifrada entre los componentes, si no que es inviolable, ya que garantiza que nadie puede modificar la información que se transmite, además de garantizarnos con qué servidor nos hemos conectado.

**

Incidencia con controles dibujo en dispositivos con procesadores Apple Silicon con sistema operativo Ventura



**

Hemos detectado una incidencia que produce un efecto de ralentización del interfaz la primera vez durante unos segundos cuando visualizamos o editamos un formulario con un control dibujo/objeto dibujo. Parece una incidencia de sistema operativo, ya que este efecto se produce también en versiones anteriores ya publicadas en las que no se observaba ese comportamiento y ha comenzado a producirse tras la última actualización de macOS Ventura en equipos con procesadores Apple Silicon.

**

Mejoras de seguridad en validación de usuario y contraseña



**

Con el fin de mejorar la seguridad del

inicio de sesión

en Velneo, se evita enviar el hash de la contraseña, sustituyendo el sistema de login con uno más moderno y seguro.

En breve, aparecerá publicado en

CVE

con el fin de advertir y propiciar la actualización a esta versión.

**

Funciones remotas y compatibilidad con versiones anteriores de Velneo



**

Por defecto, un servidor de la 32 no permite recibir peticiones de ejecución de funciones remotas desde versiones anteriores. En el caso de que queramos hacer esto posible, debemos una clave beta en la máquina donde tengamos instalado el servidor de la versión 32.

Las claves beta son entradas en la rama **beta** de Velneo del registro del sistema operativo. Se recomienda generarlas desde un proceso con el comando de instrucción de proceso

Configuración de sistema: Escribir cadena de texto

para establecerlos, ejecutándolo en 3er plano. Los parámetros se resolverán como indicamos a continuación:

Configuración de sistema: Escribir cadena de texto ( "Velneo", "beta", "clave", "valor" ):

*   **Clave**: enableRetrocompatibildadFuncionesRemotas
    

*   **Valor**: 3BFD2F9B103174596FF78C23CE8DDE77EC917BEA
    

**

Rejillas: la CSS que se aplica a los ítems de rejillas, se aplican también a las columnas de campos de tipo objeto texto y objeto dibujo



**

En versiones anteriores no se aplicaban correctamente las CSS de ítem de

rejilla

en columnas de campos de tipo objeto texto enriquecido y objeto dibujo; ahora hemos mejorado la plataforma para que también las aplique.

Al aplicar el ajuste del texto (wordwrap) en una CSS, el ajuste en textos largos puede resultar distinto.

**

Cómo activar la nueva interfaz Velneo vAdmin



**

Velneo vAdmin estrena nueva interfaz. Para probarla no tienes más que

activarla

.

**

Funcionalidades no disponibles en la nueva interfaz de Velneo vAdmin y en Velneo vAdmin Web



**

*   Alta y modificación de
    
    disco
    
    .
    

**

Mejoras de rendimiento en beta



**

Si quieres disfrutar de la versión beta de estas opciones, debes activar ciertas claves beta correspondiente en el cliente (en el caso de los objetos de interfaz) y también en el servidor (en el caso de procesos).

Las claves beta son entradas en la rama **beta** de Velneo del registro del sistema operativo. Se recomienda generarlas desde un proceso con el comando de instrucción de proceso

Configuración del sistema: escribir cadena texto

para establecerlos, ejecutándolo en 1º y 3º plano según corresponda. Los parámetros se resolverán como indicamos a continuación

Configuración de sistema: Escribir cadena de texto ( "Velneo", "beta", "clave", "valor" )

Ejecutar la aplicación, lanzar el proceso en primero y/o tercer plano, según corresponda.

En el ámbito del cliente, las claves serán operativas en siguientes sesiones que se lancen del mismo.

En el ámbito del servidor, las claves serán operativas en cuanto se reinicie.

Estas son las distintas claves beta que podemos configurar:

*   ​
    
    Rejillas
    
    estándar, carga y movimiento optimizado (requiere el
    
    estilo
    
    _Optimizado_):
    
    *   **Clave**: optimizarRejillasClient
        
    
    *   **Valor**: 8DF627183E075E86BADCF82C11D4F931E8BF62D8
        
    

*   *   **Clave**: optimizarFormulariosClientFormulas
        
    
    *   **Valor**: ED979A19EEFC93EE0E4F58FB93F432BF258E1E33
        
    

*   Procesos, optimización de parámetros:
    
    *   **Clave**: optimizarInstruccion
        
    
    *   **Valor**: F15868161C0B05825E38ADE94001D5D9926CDFB7
        
    
    *   **Ámbito**: cliente y servidor.
        
    

*   *   **Valor**: 11B804B93A06DFED1838D5B21F309414B881EEDF
        
    
    *   **Ámbito**: cliente y servidor.
        
    

*   Nuevo motor
    
    Javascript
    
    con optimización de memoria y concurrencia:
    
    *   **Clave**: enableSombrasJSClass
        
    
    *   **Valor**: F0835AF8367C2AE76BC7804F8183EEB5529C5ADF
        
    
    *   **Ámbito**: cliente y servidor.
        
    

Última actualización 6mo ago

CVE-2021-45036: Notas de la versión

KnowBe4 empowers end users by introducing security awareness and compliance training on the go at no additional cost.

**TAMPA, Fla., Nov. 28, 2022 /PRNewswire/** — KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced it is launching the new KnowBe4 Mobile Learner App to empower end users by introducing security awareness and compliance training on the go at no additional cost to customers, improving user engagement and strengthening security culture.

With a large majority of the world's population using smartphones today, mobile training revolutionizes the way people learn. This new app will enable end users to complete their security awareness and compliance training conveniently from their tablets or smartphones, giving them 24/7/365 access.

"The KnowBe4 Mobile Learner App is the first of its kind to launch in the security awareness and compliance training space, making it easier than ever to train users while subsequently strengthening an organization's security culture," said Stu Sjouwerman, CEO, KnowBe4. "This new app will enable IT and security teams to improve engagement and completion rates for required training thanks to a seamless user experience. This will also help users to associate security with their personal devices, keeping it top of mind all the time rather than only when they are at work on their computers. We are making this substantial new capability available at no additional cost to all subscription levels as a show of our commitment to supporting our customers' security and human risk management objectives."

Based on subscription levels, KnowBe4 offers 100+ Mobile-First training modules that were designed specifically for mobile. The KnowBe4 Learner App supports push notifications for custom announcements, and updates on assigned training as well as KnowBe4 newsletters.

The app is available for iOS and Android, and free to all KnowBe4 customers with a KnowBe4 training platform subscription. For more information, visit https://www.knowbe4.com/mobile-learner-app.

**About KnowBe4**

KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is used by more than 54,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.

SOURCE: KnowBe4

Tag

#ios