Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
The cybersecurity powerhouse plans to spend $195 million in cash to acquire Israeli application security startup Cider Security. [Read More]
According to a joint CISA/FBI advisory, Iranian government-sponsored hackers hit at least one Federal Civilian Executive Branch (FCEB) organization with an exploit for a Log4j vulnerability in an unpatched VMware Horizon server. [Read More]
Investors pour $65 million into an early-stage Israeli startup building technology to help businesses manage secrets like credentials, certificates and keys. [Read More]
Bishop Fox has raised more than $154 million in lifetime funding to build and market technology for continuous attack surface management. [Read More]
China-linked cybercrime group Fangxiao set up over 40,000 malicious websites spoofing more than 400 popular brands. [Read More]
VMware slapped a critical-severity rating on the bulletin and warned that three of the patched flaws are marked with a CVSS severity score of 9.8/10. [Read More]
For the second consecutive month, Microsoft rushed out patches to cover vulnerabilities that were already exploited as zero-day in the wild, including a pair of belated fixes for exploited Microsoft Exchange Server flaws. [Read More]
Redmond warns that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks. [Read More]
CISA publishes guidance on how organizations can protect against phishing and other known cyber threats using phishing-resistant MFA. [Read More]
Dropbox has suffered a data breach after employees fell for a phishing attack. The hackers gained access to source code and personal data. [Read More]
- 1 of 93
- ››
FEATURES, INSIGHTS // Phishing
Most organizations rely too heavily on their cybersecurity pros to protect them from threats, ignoring the painful reality that human error is by far the most common cause of security breaches.
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
Vishing is a form of criminal phone fraud, combining one-on-one phone calls with custom phishing sites.
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Domain name typo-squatting is an established tactic in the world of cybercrime.
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
- 1 of 4
- ››
Get the Daily Briefing
- Hypr Raises $25 Million for Passwordless Authentication Platform
- Three Innocuous Linux Vulnerabilities Chained to Obtain Full Root Privileges
- Report: California Gun Data Breach Was Unintentional
- IBM Cloud Vulnerability Exposed Users to Supply Chain Attacks
- Over 100 Organizations Hit by Cuba Ransomware: CISA, FBI
- Mitsubishi Electric PLCs Exposed to Attacks by Engineering Software Flaws
- Google Migrating Android to Memory-Safe Programming Languages
- Wipers Are Widening: Here's Why That Matters
- 'Schoolyard Bully' Android Trojan Targeted Facebook Credentials of 300,000 Users
- Investors Double Down on Pangea Cyber API Security Bet
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy