Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
VMware slapped a critical-severity rating on the bulletin and warned that three of the patched flaws are marked with a CVSS severity score of 9.8/10. [Read More]
For the second consecutive month, Microsoft rushed out patches to cover vulnerabilities that were already exploited as zero-day in the wild, including a pair of belated fixes for exploited Microsoft Exchange Server flaws. [Read More]
Redmond warns that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks. [Read More]
CISA publishes guidance on how organizations can protect against phishing and other known cyber threats using phishing-resistant MFA. [Read More]
Dropbox has suffered a data breach after employees fell for a phishing attack. The hackers gained access to source code and personal data. [Read More]
Bed Bath & Beyond has suffered a data breach after an employee fell victim to a phishing attack. [Read More]
Twilio has concluded its investigation into the recent data breach and revealed that its employees were targeted in smishing and vishing attacks on two separate occasions. [Read More]
See Tickets is informing users that their payment card data was likely exposed after hackers injected skimmer code on its website. [Read More]
SafeBreach warns of a new PowerShell backdoor that pretends to be part of the Windows update process. [Read More]
California startup Bolster banks early-stage venture capital funding to build a fraud prevention platform for businesses. [Read More]
FEATURES, INSIGHTS // Phishing
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Even though I've been analyzing malware for the past 20 years, I do understand that internet security is not merely a technical problem, but also a business problem.
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Is the appropriate response to blame the victim when increasingly sophisticated attacks and the rise in credential thefts are making any user’s goal of protecting themselves much more difficult?
It’s hard keeping criminals from infiltrating networks, much less worrying that users will simply open the door to bad guys by letting their guard down.
While most of us aren’t asking for it, chances are high that we, too, have been—or will become—victims of a cyber attack.
While you may understand the risks that come from the use of social media, what options do you have to protect your organization against them?
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
Get the Daily Briefing
- Apple Adding End-to-End Encryption to iCloud Backup
- Google Documents IE Browser Zero-Day Exploited by North Korean Hackers
- Cyberattack on Top Indian Hospital Highlights Security Risk
- Big Tech Vendors Object to US Gov SBOM Mandate
- Investors Pour $200 Million Into Compliance Automation Startup Drata
- Self-Propagating 'Zerobot' Botnet Targeting Spring4Shell, IoT Vulnerabilities
- Vaultree Raises $12.8 Million for Data-in-Use Encryption Solution
- Fortinet Patches High-Severity Authentication Bypass Vulnerability in FortiOS
- New Zealand Government Hit by Ransomware Attack on IT Provider
- 4 Nigerians Arrested in Europe Over US Charges Involving Hacking, Fraud
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy