Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Google will soon block login attempts from embedded browser frameworks such as the Chromium Embedded Framework (CEF) to prevent MitM phishing attacks. [Read More]
Djevair Ametovski, the Macedonian operator of a cybercrime marketplace named Codeshop, has been sentenced to 90 months in prison by US authorities. [Read More]
A financially motivated threat actor believed to speak Russian has used remote access Trojans (RATs) in attacks on financial entities in the United States and worldwide. [Read More]
Most of the malicious activity by Brazilian hackers is within Brazil against Brazilians, but this does not mean that Brazil lacks hacking capabilities, nor that the rest of the world can ignore Brazilian hackers. [Read More]
Microsoft has taken control of 99 domains used by an Iran-linked cyberespionage group tracked as Phosphorus, APT35, Charming Kitten, NewsBeef, Newscaster and Ajax Security Team. [Read More]
A 50-year-old from Lithuania has pleaded guilty over his role in a $100 million business email compromise (BEC) scheme targeting Facebook and Google. [Read More]
Threat actors have been increasingly targeting Office 365 and G Suite cloud accounts that are using the legacy IMAP protocol in an attempt to bypass multi-factor authentication (MFA). [Read More]
Former Air Force intelligence officer, Monica Elfriede Witt, has been charged with providing secret U.S. information to the Iranian government. [Read More]
A recent phishing attack targeting mobile users leveraged Google Translate to serve fake login pages to Google and Facebook users. [Read More]
Netcraft launches mobile app designed to protect users against phishing and other attacks. Android version available and iOS version coming soon. [Read More]
- 1 of 23
- ››
FEATURES, INSIGHTS // Phishing
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Even though I've been analyzing malware for the past 20 years, I do understand that internet security is not merely a technical problem, but also a business problem.
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Is the appropriate response to blame the victim when increasingly sophisticated attacks and the rise in credential thefts are making any user’s goal of protecting themselves much more difficult?
It’s hard keeping criminals from infiltrating networks, much less worrying that users will simply open the door to bad guys by letting their guard down.
- 1 of 4
- ››
SecurityWeek Daily Briefing
- Researcher Drops Windows 10 Zero-Day Exploit
- Google Warns G Suite Customers of Passwords Stored Unhashed Since 2005
- Firefox Now Has Fingerprinting and Crypto-mining Protection
- Attack Combines Phishing, Steganography, PowerShell to Deliver Malware
- Guardicore Raises $60 Million in Series C Funding
- Satan Ransomware Expands Portfolio of Exploits
- Poor Security Hygiene Found Across Almost All Political Parties in US, Europe
- Microsoft Adds Live Response Capabilities to Defender ATP
- Identity Management Firm Auth0 Raises $103 Million
- US Warns Chinese Drones May Steal Data: Report
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy