Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
German software maker SAP has published 10 bulletins with fixes for a range of serious security vulnerabilities. [Read More]
Multiple serious security vulnerabilities were addressed in GPU drivers and vGPU software. [Read More]
U.S. Treasury FinCEN alert warns financial institutions of COVID-19 vaccine-related fraud, ransomware, and other cyberattacks. [Read More]
The bot-mitigation and fraud detection company finds an exit after raising $31 million in venture capital funding. [Read More]
Cybercriminals employ COVID-19 vaccine-related schemes to obtain personal information and money from unsuspecting victims. [Read More]
Russia-linked Zebrocy targets government and commercial organizations with COVID-19 vaccine-themed phishing emails. [Read More]
Microsoft has quietly patched a wormable, zero-click vulnerability in the widely deployed Microsoft Teams application. [Read More]
The deal gives NortonLifeLock an immediate foothold in the Europe, where Avira is known for providing a freemium anti-malware product to about $30 million devices. [Read More]
An unknown threat actor that is likely sponsored by a nation state is believed to be behind a phishing campaign targeting the COVID-19 vaccine cold chain. [Read More]
Cybercriminals are using a fake FINRA domain in a phishing campaign targeting United States organizations, FINRA warns. [Read More]
- 1 of 34
- ››
FEATURES, INSIGHTS // Phishing
Vishing is a form of criminal phone fraud, combining one-on-one phone calls with custom phishing sites.
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Domain name typo-squatting is an established tactic in the world of cybercrime.
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
- 1 of 4
- ››
Get the Daily Briefing
- Enterprise Credentials Publicly Exposed by Cybercriminals
- Drupal Updates Patch Another Vulnerability Related to Archive Files
- Multi-Cloud Network Security Provider Valtix Raises $12.5 Million
- Microsoft Details OPSEC, Anti-Forensic Techniques Used by SolarWinds Hackers
- Cisco Patches Critical Vulnerabilities in SD-WAN, DNA Center, SSMS Products
- Amazon Awards $18,000 for Exploit Allowing Kindle E-Reader Takeover
- Scanning Activity Detected After Release of Exploit for Critical SAP SolMan Flaw
- 'LuckyBoy' Malvertising Campaign Hits iOS, Android, XBox Users
- In a Remote Work Era, a People-First Approach Keeps Threat Intelligence Teams on Track
- Snort 3 Becomes Generally Available
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy