Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

AT&T Alien Labs researchers flag new Golang-based malware threat that could potentially infect millions of routers and Internet of Things (IoT) devices. [Read More]
U.S. Vice President Kamala Harris on Wednesday announced support for the Paris Call for Trust and Security in Cyberspace. [Read More]
An authenticated attacker could exploit the flaw to trigger the restart of the WordPress installation process and create an administrator account. [Read More]
Researchers warn that the malware has extensive spyware capabilities, including data theft, GPS monitoring, and audio and video recording. [Read More]
Microsoft said the two under-attack vulnerabilities exist in Microsoft Exchange Server and Microsoft Excel, two widely deployed products in the Windows ecosystem. [Read More]
Adobe patches a security flaw in the RoboHelp Server product, warning that corporate environments are exposed to arbitrary code execution attacks. [Read More]
The U.S. Treasury Department slaps sanctions against the Chatex cryptocurrency exchange and offers multi-million-dollar rewards for information on the REvil ransomware gang. [Read More]
Since mid-September, at least nine global entities across multiple sectors were compromised in attacks exploiting a ManageEngine ADSelfService Plus security flaw. [Read More]
Electronic Warfare Associates said its email system was compromised in August by hackers who stole social security numbers and other personally identifiable information. [Read More]
As cybersecurity valuations soar, Drata banks $100 million in a funding deal that values the company north of $1 billion. [Read More]

FEATURES, INSIGHTS // Phishing

rss icon

Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Devon Kerr's picture
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Siggi Stefnisson's picture
Even though I've been analyzing malware for the past 20 years, I do understand that internet security is not merely a technical problem, but also a business problem.
Markus Jakobsson's picture
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Jack Danahy's picture
Is the appropriate response to blame the victim when increasingly sophisticated attacks and the rise in credential thefts are making any user’s goal of protecting themselves much more difficult?
Simon Crosby's picture
It’s hard keeping criminals from infiltrating networks, much less worrying that users will simply open the door to bad guys by letting their guard down.
Johnnie Konstantas's picture
While most of us aren’t asking for it, chances are high that we, too, have been—or will become—victims of a cyber attack.
Alastair Paterson's picture
While you may understand the risks that come from the use of social media, what options do you have to protect your organization against them?
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.