Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Veteran cybersecurity practitioner and executive Caleb Sima has been tapped to lead security at mobile stock trading startup Robinhood. [Read More]
NEWS ANALYSIS: CrowdStrike said it will shell out a whopping $400 million to snap up a Splunk competitor and present itself as the security data lake for enterprise customers. We look at how the move affects the EDR, xDR and SIEM categories. [Read More]
The U.S. Justice Department indicted three North Korean military intelligence officials linked to cyber-attacks, including the theft of $1.3 billion in money and crypto-currency from organizations around the world. [Read More]
Researchers have analyzed the patterns of more than 1.2 billion email-based phishing and malware attacks targeting Gmail users, and found that most attacks campaigns are short-lived and sent to fewer than 1,000 targets. [Read More]
The U.S. Department of Justice secures a seven-year prison sentence for a Ukrainian man running a lucrative money-mule laundering scheme. [Read More]
Forescout researchers warn that improperly generated ISNs (Initial Sequence Numbers) leave TCP connections exposed to malicious hacker attacks. [Read More]
Endpoint security firm SentinelOne expects the $155 million deal to buy Scalyr will speed up its push into the lucrative XDR (Extended Detection and Response) market. [Read More]
Following speculation that Microsoft services served as an initial entry point for the SolarWinds hackers, the tech giant has provided some clarifications. [Read More]
Microsoft says BEC scammers are trying to trick K-12 school teachers into buying them gift cards. [Read More]
The open-source browser cracks down on cross-site tracking by isolating network connections and caches to the website currently visited. [Read More]
- 1 of 36
- ››
FEATURES, INSIGHTS // Email Security
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
- 1 of 4
- ››
Get the Daily Briefing
- Software Icon McAfee Charged in Cryptocurrency Scam
- Thousands of Mobile Apps Expose Data via Misconfigured Cloud Containers
- Ransomware Takedowns Underscore Need for Private-Public Cybersecurity Collaboration
- Multiple Airlines Impacted by Data Breach at Aviation IT Firm SITA
- NSA, DHS Issue Guidance on Protective DNS
- Report: Russian Hackers Exploit Lithuanian Infrastructure
- Supermicro, Pulse Secure Respond to Trickbot's Ability to Target Firmware
- Three New Malware Strains Linked to SolarWinds Hackers
- South Africa Opposes WhatsApp-Facebook Data Sharing
- Someone Is Hacking Cybercrime Forums and Leaking User Data
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy