Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Abnormal Security emerges from stealth mode with $24 million in funding and the launch of its cloud email security platform. [Read More]
Vendor email compromise is a troubling new trend in which fraudsters use hijacked employee email accounts to target not just one company, but entire supply chain ecosystems. [Read More]
Proton Technologies, the company behind the privacy-focused email service ProtonMail, has made available the source code of its iOS client application. [Read More]
A currently ongoing mobile-aware phishing campaign is targeting various non-governmental entities worldwide, including United Nations humanitarian organizations such as UNICEF. [Read More]
The presidential campaign website of Donald Trump exposed information that may have allowed hackers to send out emails on behalf of the organization. [Read More]
The Iranian state-sponsored threat actor known as Charming Kitten employed new spear-phishing methods in a recent campaign. [Read More]
An analysis of more than 2.2 billion emails between April and June (Q2) 2019 exposes the current tactics, techniques and targets of contemporary attackers. [Read More]
Google is adding its Password Checkup tool to the Account password manager and Chrome, and it has unveiled some new privacy features for YouTube, Maps and Assistant. [Read More]
A Critical vulnerability (CVE-2019-16928) in the popular open-source email server Exim could allow an attacker to execute code remotely and take over a vulnerable server. [Read More]
Microsoft this week announced plans to add some new file extensions to the list of file types that are blocked in Outlook on the web. [Read More]
- 1 of 29
- ››
FEATURES, INSIGHTS // Email Security
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
- 1 of 4
- ››
SecurityWeek Daily Briefing
- Trump, Johnson Talk Security Ahead of Huawei Decision
- Cisco Webex Vulnerability Exploited to Join Meetings Without a Password
- Questions Linger Over Investigation Into Jeff Bezos' Hacking
- Greece: Government Websites Hit by Cyberattack
- 2020 Rings in a New Era of Cyber Attacks - and it's Getting Personal
- Microsoft Releases Azure Security Benchmark
- Bipartisan Bill Aims to Reform NSA Surveillance of Americans
- Privacy Firm Finds Unsecured Cannabis Patient Information
- The More Authentication Methods, the Merrier
- UK 'to Decide on Huawei 5G Next Week'
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy