Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Microsoft patches at least 73 documented security flaws in the Windows ecosystem and warned that unknown attackers are already launching zero-day man-in-the-middle attacks. [Read More]
Adobe ships patches for at least 18 serious security defects in multiple enterprise-facing products and warned that unpatched systems are at risk of remote code execution attacks [Read More]
By the end of 2023, GitHub will mandate that all code contributors secure their computers with at least one form of two-factor authentication (2FA) account protection. [Read More]
The U.S. government is barreling ahead with plans to mitigate future threats from quantum computing with a new White House memo directing federal agencies to jumpstart an all-hands-on-deck approach to migrating to quantum-resistant technologies. [Read More]
Threat hunters at Kaspersky find a malicious campaign that abuses Windows event logs to store fileless last stage Trojans and keep them hidden in the file system. [Read More]
Google's Threat Analysis Group (TAG) observed an increased number of threat actors using cyberattack themes related to the war in Ukraine. [Read More]
Hubble Technology banks $9 million in venture capital funding to build an “agentless technology asset visibility” aimed at disrupting the asset management space. [Read More]
Mandiant warns that a new threat actor is using backdoors to remain undetected for "an order of magnitude longer than the average dwell time of 21 days in 2021." [Read More]
Traceable AI, a startup building technology to reduce attack surfaces in APIs, has banked a new $60 million funding round that values the company at $450 million. [Read More]
Endpoint visibility technology vendor Fleet attracted $20 million in new funding at a valuation in the range of $100 million. [Read More]
- 1 of 79
- ››
FEATURES, INSIGHTS // Phishing
Most organizations rely too heavily on their cybersecurity pros to protect them from threats, ignoring the painful reality that human error is by far the most common cause of security breaches.
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
Vishing is a form of criminal phone fraud, combining one-on-one phone calls with custom phishing sites.
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Domain name typo-squatting is an established tactic in the world of cybercrime.
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
- 1 of 4
- ››
Get the Daily Briefing
- Cornami Raises $68 Million for Quantum Secure Computing on Encrypted Data
- US Government Says North Korean IT Workers Enable DPRK Hacking Operations
- Now Live: SecurityWeek Threat Intelligence Summit Virtual Event
- The Vulnerable Maritime Supply Chain - a Threat to the Global Economy
- National Cybersecurity Agencies Describe Commonly Used Initial Access Techniques
- Over 380,000 Kubernetes API Servers Exposed to Internet: Shadowserver
- Carlyle to Acquire Defense Contractor ManTech in $4.2 Billion Deal
- NVIDIA Patches Code Execution Vulnerabilities in Graphics Driver
- Large-Scale Attack Targeting Tatsu Builder WordPress Plugin
- New Special Interest Group Aims to Enhance ICS/OT Cyber Defenses
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy