Security Experts:

long dotted


German federal CERT (CERT-BUND) warned that malicious emails containing fake invoices as Word documents contain a personal salutation and business role of the receiver. [Read More]
Simulated phish training trains staff, it highlights staff who may need additional training, and it provides automatic 'training points' for staff who fail the test. [Read More]
Snapchat on Friday was targeted by a phishing attack that resulted in some payroll information of its employees being inadvertently revealed. [Read More]
Cybercriminals behind the Dridex botnet have ramped up their email campaign activity following a short holiday season break, researchers at FireEye Labs say. [Read More]
The Dridex banking Trojan has been updated with a new attack methodology that leverages a similar redirection attack scheme used by the Dyre Trojan, IBM X-Force researchers warn. [Read More]
A security flaw in the popular single-sign-on (SSO) and password management service LastPass could allow a bad actor conducting a phishing attack to fully compromise user’s accounts, researcher Sean Cassidy has discovered. [Read More]
The black market for IP addresses is thriving given that a cybercriminal stealing a large IP address block can generate thousands of dollars per month. [Read More]
Hackers breached the systems of anti-adblocking service PageFair and used the access to deliver malware [Read More]
A new piece of malware dubbed Brolux has been used to target online banking users in Japan. Chinese cybercriminals could be behind the attacks. [Read More]
The news that Raytheon is acquiring Websense has been leveraged by malicious actors to target Websense employees with malware-carrying emails. [Read More]


rss icon

Simon Crosby's picture
It’s hard keeping criminals from infiltrating networks, much less worrying that users will simply open the door to bad guys by letting their guard down.
Johnnie Konstantas's picture
While most of us aren’t asking for it, chances are high that we, too, have been—or will become—victims of a cyber attack.
Alastair Paterson's picture
While you may understand the risks that come from the use of social media, what options do you have to protect your organization against them?
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
James Foster's picture
Monitoring social media is a daunting task. Enterprises must have risk management plans in place to monitor, identify, combat and remediate social media-based threats.
Torsten George's picture
For all the benefits that social media networks provide, organizations must recognize that they present a double-edged sword when it comes to security.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Jon-Louis Heimerl's picture
For a month, I kept all of my spam, then looked at the subject matter, where it was from and tried to analyze some additional characteristics of the spam.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Jon-Louis Heimerl's picture
What do you do when your organization has been victimized by a phishing attack? If you wait until you are actually under an attack it is too late.