Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
A recently observed phishing campaign targeting victims’ private email addresses has adopted a multi-stage approach in an attempt to avoid raising suspicion. [Read More]
Attackers are targeting the United States Utilities Sector with LookBack Malware and using phishing attacks impersonating engineering licensing boards to compromise targets. [Read More]
Cybercriminals managed to divert $2.5 million in a business email compromise (BEC) scam targeting Cabarrus County, North Carolina. $1.7 million remains missing. [Read More]
Google announced the beta availability of Advanced Protection Program for G Suite customers and anomaly detection in the G Suite alert center. [Read More]
Waltham, MA-based email security firm GreatHorn has raised an additional $13 million in a new funding round technically filed as a Series A-1. [Read More]
Cybercriminals are already targeting a recently disclosed vulnerability in the open-source Exim mail server, Cybereason reports. [Read More]
Email-focused cybersecurity firm Vade Secure has agreed to a €70 million (approximately US$79.3 million) investment by venture capital firm General Catalyst. [Read More]
Security researchers documented the of evolution a Nigerian cybercriminal group from its emergence as a one-man shop into a large business email compromise (BEC) operation employing dozens of threat actors. [Read More]
Privacy-focused ProtonMail has been accused of voluntarily helping law enforcement spy on users, but the company has denied the accusations. [Read More]
Google on Tuesday said that some customer passwords for its G Suite customers were stored in an unhashed format since 2005. [Read More]
- 1 of 27
- ››
FEATURES, INSIGHTS // Email Security
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
- 1 of 4
- ››
SecurityWeek Daily Briefing
- GitHub Becomes CVE Numbering Authority, Acquires Semmle
- 300 More Chinese Arrested in Philippines Crackdown
- Emotet Returns, Spreads via Hijacked Email Conversations
- U.S. Could Launch Cyberattack on Iran in Response to Saudi Oil Attack
- Top 10 Tactical Recommendations for SMB Cybersecurity
- Facebook Takes Down Misleading Campaigns From Iraq, Ukraine
- Code Execution Vulnerabilities Found in Aspose PDF Processing Product
- Supply Chain Likely Target in Attacks by Tortoiseshell Group on Saudi IT Firms
- 'Panda' Group Makes Thousands of Dollars Using RATs, Crypto-Miners
- US Justice Department Sues Snowden Over New Book
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy