Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
An analysis of more than 2.2 billion emails between April and June (Q2) 2019 exposes the current tactics, techniques and targets of contemporary attackers. [Read More]
A large number of spam messages recently sent by the same botnet were observed featuring randomized headers and even different templates, with some emails resembling phishing. [Read More]
A threat actor referred to as POISON CARP has targeted senior members of Tibetan groups via WhatsApp for around six months. [Read More]
Smarter phishing campaigns are popping up as cybercriminals leverage emerging technologies and tools like spoofing, automation, machine learning and social engineering. [Read More]
A Magecart threat actor has compromised the websites of two hotel chains to inject scripts targeting Android and iOS users. [Read More]
An SMS phishing attack against many modern Android phones could route all internet traffic through a proxy controlled by the attacker. [Read More]
A recently observed phishing campaign targeting victims’ private email addresses has adopted a multi-stage approach in an attempt to avoid raising suspicion. [Read More]
A series of targeted attacks is attempting to exploit Remote File Inclusion (RFI) vulnerabilities to deploy phishing kits, Akamai warns. [Read More]
Following four years of self-funded fine-tuning in Europe, start-up security awareness firm CybeReady has expanded into the U.S. market with an initial funding round of $5 million led by Baseline Ventures. [Read More]
Security awareness training firm KnowBe4 has taken a $300 million investment led by private equity giant KKR. [Read More]
- 1 of 25
- ››
FEATURES, INSIGHTS // Phishing
Domain name typo-squatting is an established tactic in the world of cybercrime.
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Even though I've been analyzing malware for the past 20 years, I do understand that internet security is not merely a technical problem, but also a business problem.
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Is the appropriate response to blame the victim when increasingly sophisticated attacks and the rise in credential thefts are making any user’s goal of protecting themselves much more difficult?
- 1 of 4
- ››
SecurityWeek Daily Briefing
- Fears Grow on Digital Surveillance: US Survey
- New GitHub Security Lab Aims to Secure Open Source Software
- Two Massachusetts Men Arrested and Charged in SIM Swapping Scheme
- Undocumented Access Feature Exposes Siemens PLCs to Attacks
- InfoTrax Settles With FTC Over Data Breach
- Over 100,000 Fake Domains With Valid TLS Certificates Target Major Retailers
- LINE Launches Public Bug Bounty Program on HackerOne
- Corellium: Apple Sued Us After Failed Acquisition Attempt
- Securing Autonomous Vehicles Paves the Way for Smart Cities
- DLL Hijacking Flaw Impacts Symantec Endpoint Protection
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy