Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Akamai discovered 1,221 active phishing domains by using its CDN logs to identify users that were redirected from phishing landing pages. [Read More]
Facebook has sued domain registrar Namecheap over its refusal to provide information on tens of domains that impersonated the social media company. [Read More]
Researchers say there are over 600 legitimate Microsoft subdomains that can be hijacked and abused for phishing, malware delivery and scams. [Read More]
What started as almost casual research in November 2019 and disclosed to various vendors as a vulnerability, was abruptly reclassified and treated as a zero-day vulnerability on February 13, 2020. [Read More]
Puerto Rico’s government has suspended three employees as federal agents investigate an online scam that attempted to steal more than $4 million from the U.S. territory. [Read More]
Puerto Rico’s government has lost more than $2.6 million after falling for an email phishing scam, according to a senior official. [Read More]
Several cybersecurity companies have spotted various campaigns that leverage coronavirus-themed emails to deliver malware, phishing and scams. [Read More]
The Iran-linked threat group know as "Charming Kitten" has been targeting journalists, political and human rights activists in a new campaign aimed at stealing email account credentials. [Read More]
A newly launched project wants to help inform IT security representatives and domain owners when their users fall victim to phishing. [Read More]
A threat group linked to Iran has targeted a U.S.-based research company whose services are used by businesses and government organizations. [Read More]
- 1 of 27
- ››
FEATURES, INSIGHTS // Phishing
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Domain name typo-squatting is an established tactic in the world of cybercrime.
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
- 1 of 4
- ››
Subscribe to the Daily Briefing
- Privacy Rights May Become Next Victim of Killer Pandemic
- Europol: Criminals Exploit Virus Crisis as Fresh Opportunity
- Google Sees Drop in Government-Backed Phishing Attempts
- Russian Hackers Exploited Windows Flaws in Attacks on European Firms
- Senator Urges Vendors to Secure Networking Devices Amid COVID-19 Outbreak
- GitHub Paid Out Over $1 Million in Bug Bounties
- Websites of U.S. Presidential Candidates Pose Security, Privacy Risks
- Unofficial Patches Released for Exploited Windows Font Processing Flaws
- No Patch for VPN Bypass Flaw Discovered in iOS
- Spyware Delivered to iPhone Users in Hong Kong Via iOS Exploits
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy