Security Experts:

Email Security
long dotted

NEWS & INDUSTRY UPDATES

Russia-linked cyberspy group APT28 using NATO’s CyCon cybersecurity conference to trick users into installing malware [Read More]
DHS orders all federal agencies to implement DMARC, but Agari says currently only 9% have fully implemented the system [Read More]
DHS issues binding operational directive requiring all federal agencies to use HTTPS, DMARC and STARTTLS [Read More]
I recent attack reminds us that DMARC can prevent phishing from genuine domains, but cannot prevent phishing from lookalike domains. [Read More]
A vulnerability that that was recently addressed by Microsoft as part of the October 2017 Patch Tuesday could result in Outlook sending emails in cleartext when S/MIME encryption was supposed to be used. [Read More]
A widescale stealthy attack against Office 365 (O365) accounts started in May and is still continuing, with 50 percent of all large Office 365 customers possibly being attacked. [Read More]
The spam rate of overall email dropped slightly over the past couple of months to 55% in September, but remains above the year average, a new Symantec report reveals. [Read More]
Attackers inject themselves into ongoing email exchanges in highly targeted spear-phishing attacks aimed at entities around the world [Read More]
Adobe security team accidentally publishes private PGP key on its blog [Read More]
A helpdesk vulnerability exposes the internal communications of hundreds of companies, researcher warned [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Markus Jakobsson's picture
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Marc Solomon's picture
Today’s email-based attacks don’t occur at a single point in time and use multiple methods to evade detection. To bolster protection, organizations may turn to a set of disparate products that don’t – and can’t – work together.
Marc Solomon's picture
Recent high-profile security breaches at major retailers stem from the fact that in-store networks and their components are evolving and spawning a range of attack vectors.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Jon-Louis Heimerl's picture
Was the Mayan Apocalypse was a myth? Since I am a security geek, I just happen to talk about security a lot. What are some security myths I have heard in my conversations with some very bright people?