Security Experts:

Email Security
long dotted


Panda Banker, an offspring of the infamous Zeus malware, was recently observed in a massive infection campaign where millions of spam messages were sent to potential victims. [Read More]
PhishMe, a company that helps organizations teach security awareness by educating employees on how to identify phishing attacks, today announced it has raised a whopping $42.5 million in funding. [Read More]
More than half of Alexa top 500 domains can be spoofed because their owners failed to properly configure email authentication [Read More]
Business email compromise (BEC) scams have resulted in losses of $3.1 billion from 22,000 victims as of May 2016. [Read More]
A vulnerability in Verizon’s webmail service could have been exploited by hackers to silently forward emails [Read More]
Thousands of Let's Encrypt users saw their email addresses being exposed when the open certificate authority (CA) started sending a notification to active subscribers. [Read More]
$2.3 billion stolen from 17,642 victims in at least 79 countries. These are the current figures for the growing scourge known as business email compromise (BEC). [Read More]
German federal CERT (CERT-BUND) warned that malicious emails containing fake invoices as Word documents contain a personal salutation and business role of the receiver. [Read More]
An official inquiry has found serious shortcomings in how US presidential candidate Hillary Clinton in her former post as secretary of state managed the security of their emails. [Read More]
Agari, a provider security solutions that help detect email-based cyberattacks, today announced that it has raised $22 million in a Series D funding round, bringing the total raised by the company to $44.7 million. [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Marc Solomon's picture
Today’s email-based attacks don’t occur at a single point in time and use multiple methods to evade detection. To bolster protection, organizations may turn to a set of disparate products that don’t – and can’t – work together.
Marc Solomon's picture
Recent high-profile security breaches at major retailers stem from the fact that in-store networks and their components are evolving and spawning a range of attack vectors.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Jon-Louis Heimerl's picture
Was the Mayan Apocalypse was a myth? Since I am a security geek, I just happen to talk about security a lot. What are some security myths I have heard in my conversations with some very bright people?
Tal Be'ery's picture
In this column, Tal analyzes the technical details of the DKIM vulnerability, evaluates possible implications of the exploit, and points to some general lessons.