Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Washington state is among those being targeted by a “large-scale, highly sophisticated” nationwide phishing campaign, the office of Gov. Jay Inslee said Thursday. [Read More]
Mozilla is discontinuing the Send feature in Firefox due to the fact that it has been abused to deliver malware and phishing attacks. [Read More]
Thousands of Magento-powered online stores have been hacked over the past few days as part of a skimming campaign that has been described as the “largest ever.” [Read More]
Warner Music Group has disclosed a data breach that impacts some of its e-commerce websites. [Read More]
A JavaScript skimmer identified earlier this year uses dynamic loading to avoid detection by static malware scanners, Visa warns. [Read More]
The Iran-linked hacking group known as Charming Kitten recently switched to WhatsApp and LinkedIn to conduct phishing attacks. [Read More]
A sophisticated cybercrime group has stolen payment card data from hundreds of websites over the past years using JavaScript sniffer malware. [Read More]
CISA and the FBI have issued an alert to warn of a voice phishing (vishing) campaign targeting employees of multiple organizations. [Read More]
Authorities in Maryland have issued an advisory about an apparent email phishing scam targeting firearms dealers in the state. [Read More]
Google is preparing to run an experiment in Chrome 86 as part of its fight against URL spoofing. [Read More]
- 1 of 31
- ››
FEATURES, INSIGHTS // Phishing
Vishing is a form of criminal phone fraud, combining one-on-one phone calls with custom phishing sites.
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Domain name typo-squatting is an established tactic in the world of cybercrime.
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
- 1 of 4
- ››
Get the Daily Briefing
- Android, macOS Versions of GravityRAT Spyware Spotted in Ongoing Campaign
- Scammers Seize on US Election, But It's Not Votes They Want
- U.S. Charges Russian Intelligence Officers for NotPetya, Industroyer Attacks
- CISA Warns of Remote Code Execution Bugs in Visual Studio, Windows Codecs Library
- Google Says No Significant Election Influence Campaigns Targeting Its Users
- French Court Tries Russian for Multi-Million-Euro Cyberfraud
- Google Targeted in Record-Breaking 2.5 Tbps DDoS Attack in 2017
- UK Data Privacy Watchdog Slashes BA Fine as Virus Bites
- Dickey's Barbecue Pit Investigating Possible Breach Affecting 3M Payment Cards
- TikTok Launches Public Bug Bounty Program
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy