Security Experts:

Email Security
long dotted


Cyber threat intelligence firm RiskIQ runs about 2 billion virtual user requests every day to search out malicious activity across the Internet. [Read More]
The use of DMARC to prevent exact-domain sender spoofing is growing -- but it is difficult to configure correctly and completely. [Read More]
A recently observed spam campaign powered by the infamous Necurs botnet has been specifically targeting banks with the FlawedAmmyy RAT, security researchers warn. [Read More]
Attackers managed to infect tens of thousands of MikroTik network routers in Brazil with code that would inject the CoinHive in-browser crypto-mining script in users’ traffic. [Read More]
A survey of 650 IT and IT security professionals found disconnect between concerns about email threats and fraud and the lack of action taken by companies represented in the study. [Read More]
Email and data security firm Mimecast has acquired threat detection firm Solebit for approximately $88 million net of cash acquired. [Read More]
More than half of U.S. government agencies have properly implemented the DMARC email security standard in response to a binding operational directive from the DHS [Read More]
Email security firm GreatHorn wanted to examine the state of email security today, nearly fifty years after email was first developed. [Read More]
Symantec announces availability of Email Threat Isolation, a new solution designed to protect enterprises against phishing, account hijacking, and other attacks [Read More]
The losses and potential losses reported as a result of business email compromise (BEC) and email account compromise (EAC) scams exceed over $12 billion globally, says the FBI [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Siggi Stefnisson's picture
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Jack Danahy's picture
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
Markus Jakobsson's picture
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Markus Jakobsson's picture
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Marc Solomon's picture
Today’s email-based attacks don’t occur at a single point in time and use multiple methods to evade detection. To bolster protection, organizations may turn to a set of disparate products that don’t – and can’t – work together.