Security Experts:

Email Security
long dotted


A threat group breached a company’s webmail server and used the access to steal credentials and maintain persistence.
Google this week announced improved security and privacy settings for Google Drive and Gmail.
Caroline Kennedy, the US ambassador to Japan and daughter of late president John F. Kennedy, was criticized for using private email for official business.
Google details mechanisms used to keep spam out of Gmail inboxes. Postmaster Tools released to help high-volume email senders.
Google let a digital certificate expire that was sed to secure its domain, the domain used by Gmail and Google Apps users to send outgoing email.
Yahoo said Sunday it plans to introduce "end to end encryption" for email this year to boost privacy protection for users concerned about snooping from governments or hackers.
Research from Venafi found that access to the personal email server used by former U.S. Secretary of State Hillary Clinton was not encrypted or authenticated by a digital certificate for the first three months of her term.
Security experts share thoughts on Hillary Clinton's use of personal email for conducting official government business.
The recently launched Outlook for iOS is a “security nightmare” for companies, a researcher warned on Thursday.
An email scam which targets businesses with bogus invoices has netted more than $214 million from victims in 45 countries in just over one year, an FBI task force said Thursday.

FEATURES, INSIGHTS // Email Security

rss icon

Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Marc Solomon's picture
Today’s email-based attacks don’t occur at a single point in time and use multiple methods to evade detection. To bolster protection, organizations may turn to a set of disparate products that don’t – and can’t – work together.
Marc Solomon's picture
Recent high-profile security breaches at major retailers stem from the fact that in-store networks and their components are evolving and spawning a range of attack vectors.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Jon-Louis Heimerl's picture
Was the Mayan Apocalypse was a myth? Since I am a security geek, I just happen to talk about security a lot. What are some security myths I have heard in my conversations with some very bright people?
Tal Be'ery's picture
In this column, Tal analyzes the technical details of the DKIM vulnerability, evaluates possible implications of the exploit, and points to some general lessons.
Alan Wlasuk's picture
Let’s look at what e-mail hacking is really all about and why it could be much more painful than just having to sort through our spouse’s energy drink messages.
Greg Olsen's picture
Transport Layer Security is a means of securing the transmission of email between two MTAs (mail transfer agents). In this column, I’ve highlighted some of the other things that can be done with TLS besides this opportunistic encryption of email.