Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
The U.S. Department of Justice secures a seven-year prison sentence for a Ukrainian man running a lucrative money-mule laundering scheme. [Read More]
Forescout researchers warn that improperly generated ISNs (Initial Sequence Numbers) leave TCP connections exposed to malicious hacker attacks. [Read More]
Endpoint security firm SentinelOne expects the $155 million deal to buy Scalyr will speed up its push into the lucrative XDR (Extended Detection and Response) market. [Read More]
In an SEC filing, North American trucking and freight transportation logistics giant Forward Air Corporation said a December 2020 ransomware attack led to loss of revenues in the range of $7.5 million. [Read More]
Microsoft says BEC scammers are trying to trick K-12 school teachers into buying them gift cards. [Read More]
Law enforcement authorities in the U.S. and Europe have seized the dark web sites associated with the NetWalker ransomware operations and also charged a Canadian national in relation to the malware. [Read More]
The open-source browser cracks down on cross-site tracking by isolating network connections and caches to the website currently visited. [Read More]
Apple confirmed that malicious hackers are exploiting serious security flaws in its flagship iOS and iPad OS platforms. Details are scant. [Read More]
Google warned about a “government-backed entity based in North Korea” targeting security researchers with social engineering attacks and drive-by browser exploits from booby-trapped websites. [Read More]
A new phishing campaign delivering fake Office 365 password expiration reports has managed to compromise tens of C-Suite email accounts, Trend Micro warns. [Read More]
- 1 of 35
- ››
FEATURES, INSIGHTS // Phishing
Vishing is a form of criminal phone fraud, combining one-on-one phone calls with custom phishing sites.
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Domain name typo-squatting is an established tactic in the world of cybercrime.
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
- 1 of 4
- ››
Get the Daily Briefing
- Google Discloses Details of Remote Code Execution Vulnerability in Windows
- Washington Senate OKs Measure Creating State Office of Cybersecurity
- PerimeterX Banks $57 Million for Bot Protection Expansion
- GitHub Hires Mike Hanley as Chief Security Officer
- Webinar Today: Evaluating Vendor Risk With Security Ratings
- New 'LazyScripter' Hacking Group Targets Airlines
- Four Additional Threat Groups Seen Targeting Industrial Organizations in 2020
- Hackers Leak Data Stolen From Jet Maker Bombardier
- Vietnamese Hackers Target Human Rights Defenders: Amnesty
- Twitter Shuts Down Four Networks of State-Sponsored Disinformation Accounts
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy