Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Phishers continue to turn to shared virtual server hacking, APWG reports.
The recent expansion of generic Top-Level Domains (gTLDs) has attracted the attention of cybercriminals who have started abusing them for their malicious operations, researchers warned this week.
Attackers are playing on the hype around the crypto-currency Bitcoin to cast a wider phishing net looking for victims. It's not just bank credentials cyber-criminals are looking for.
The crash of the Malaysia Airlines flight MH17 in eastern Ukraine on June 17 continues to make headlines, making it a perfect event for cybercriminals to leverage in their malicious campaigns.
According to research, financial institutions, payment services and social networks are among the categories of sites most likely to be used in phishing attacks.
According to a report from Imperva, 80% of the traffic associated with comment spam is generated by just 28% of attack sources.
The new anti-phishing feature currently being tested in the experimental version of Google Chrome does not work as well as intended and poses security risks.
Cisco issued an alert for five separate buffer overflow security flaws that exist in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players.
Mining companies, government agencies and manufacturing firms were hit hard by phishers in 2013, with one in three such organizations suffering at least one attack.
Cybercriminals are settling into a comfortable place in the "Dark Web" where they test, refine and distribute malware for online thievery.

FEATURES, INSIGHTS // Phishing

rss icon

James Foster's picture
Monitoring social media is a daunting task. Enterprises must have risk management plans in place to monitor, identify, combat and remediate social media-based threats.
Torsten George's picture
For all the benefits that social media networks provide, organizations must recognize that they present a double-edged sword when it comes to security.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Jon-Louis Heimerl's picture
For a month, I kept all of my spam, then looked at the subject matter, where it was from and tried to analyze some additional characteristics of the spam.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Jon-Louis Heimerl's picture
What do you do when your organization has been victimized by a phishing attack? If you wait until you are actually under an attack it is too late.
Jon-Louis Heimerl's picture
Organizationally, there are things you can do to help avoid becoming a victim, and to minimize damage if you are victimized.
Ram Mohan's picture
The semiannual “Global Phishing Survey” from the Anti-Phishing Working Group (APWG) provides powerful insight into what is happening in phishing worldwide.
Idan Aharoni's picture
Cooperation in the underground economy could enable a fraudster in Russia who masters the art of phishing to team up with another fraudster who already has the infrastructure of cashing out compromised online banking accounts of US banks.
Chris Hinkley's picture
Businesses usually don’t think about social engineering when securing company data. It used to be believed that social engineering was reserved for governments and organizations with enemies. That's not the case anymore.