Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Over the past week, Google has observed over 18 million malware and phishing emails related to COVID-19 being sent out every day. [Read More]
GitHub has warned users that they may be targeted in a sophisticated phishing campaign that the company has dubbed Sawfish. [Read More]
Financial phishing has increased in frequency and accounted for more than half of all phishing detections last year, Kaspersky says. [Read More]
The number of COVID-19-themed attacks has increased significantly over the past couple of months, but they represent only a fraction of daily threats, security firms say. [Read More]
NASA is seeing a significant increase in cyberattacks, including phishing and malware attacks, while its employees work remotely due to the coronavirus outbreak. [Read More]
A Magecart Group 7 skimmer identified earlier this year has the ability to create iframes to steal payment data. [Read More]
IBM and FireEye have spotted a campaign that relies on fake “COVID-19 Payment” emails to deliver the Zeus Sphinx banking trojan to people in the US, Canada and Australia. [Read More]
Google says it has seen a drop in the number of warnings sent for potential government-backed phishing or malware attempts last year, mainly due to improved protection systems. [Read More]
The official website of kitchen products maker Tupperware was hacked and the attackers planted malicious code designed to steal visitors’ payment card information. [Read More]
University of Utah Health revealed last week that it discovered unauthorized access to some employee email accounts, along with a malware infection on one of its workstations. [Read More]
- 1 of 28
- ››
FEATURES, INSIGHTS // Phishing
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Domain name typo-squatting is an established tactic in the world of cybercrime.
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
- 1 of 4
- ››
Subscribe to the Daily Briefing
- Coronavirus Pandemic Claims Another Victim: Robocalls
- Free ImmuniWeb Tool Allows Organizations to Check Dark Web Exposure
- Ragnar Locker Ransomware Uses Virtual Machines for Evasion
- Industry Reactions to Verizon 2020 DBIR: Feedback Friday
- Data Breach Hits Florida Unemployment System
- Hackers Attempted to Deploy Ransomware in Attacks Targeting Sophos Firewalls
- Hackers Can Target Rockwell Industrial Software With Malicious EDS Files
- Bitter Israel-Iran Rivalry Takes New Forms Online
- Signal PINs Allow Users to Recover Data When Switching Phones
- Cisco Patches Critical Vulnerability in Contact Center Software
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy