Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
A majority of the 2020 US presidential campaigns are vulnerable to sophisticated email attacks, according to a study conducted by email security firm Agari. [Read More]
Armorblox emerges from stealth mode with a platform that uses natural language understanding to detect threats hidden in emails and documents. The company also announced a $16.5 million Series A funding round. [Read More]
Email provider VFEmail was hit by a destructive attack, where a hacker who accessed its network was able to erase its servers in the United States, including the backup systems. [Read More]
A group of scammers has been abusing a Gmail feature that gives users control over all dotted versions of their Gmail addresses. [Read More]
The check-in links sent via email or SMS by several major airlines from around the world can allow hackers to obtain passengers’ personal information and possibly make changes to their booking. [Read More]
A U.S. judge has rejected Yahoo’s data breach settlement, citing, among other things, inadequate disclosure of the settlement fund and high attorney fees. [Read More]
Email security firm, Mimecast, has acquired Simply Migrate (a cloud migration specialist) for an undisclosed sum on January 29, 2019. [Read More]
Microsoft Exchange 2013 and newer versions allow an attacker to escalate privileges when performing a NT LAN Manager (NTLM) relay attack. [Read More]
Spam campaigns that have active during the last several months have been distributing the Redaman banking malware, Palo Alto Networks security researchers say. [Read More]
Alphabet’s Jigsaw unit has published a quiz that tests users’ ability to identify phishing attacks and teaches them what signs to look for to determine if a message is legitimate or not. [Read More]
- 1 of 26
- ››
FEATURES, INSIGHTS // Email Security
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
- 1 of 4
- ››
SecurityWeek Daily Briefing
- Researcher Drops Windows 10 Zero-Day Exploit
- Google Warns G Suite Customers of Passwords Stored Unhashed Since 2005
- Firefox Now Has Fingerprinting and Crypto-mining Protection
- Attack Combines Phishing, Steganography, PowerShell to Deliver Malware
- Guardicore Raises $60 Million in Series C Funding
- Satan Ransomware Expands Portfolio of Exploits
- Poor Security Hygiene Found Across Almost All Political Parties in US, Europe
- Microsoft Adds Live Response Capabilities to Defender ATP
- Identity Management Firm Auth0 Raises $103 Million
- US Warns Chinese Drones May Steal Data: Report
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy