Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
A threat group linked to Iran has targeted a U.S.-based research company whose services are used by businesses and government organizations. [Read More]
A targeted phishing campaign against government entities in Persian Gulf and Middle East countries is leveraging the killing of Iranian general Qasem Suleimani. [Read More]
16Shop offers its phishing kit as a malware-as-a-service (MaaS) and includes several features designed to make it more resilient against defenders, and easier to use by wannabe hackers. [Read More]
A phishing campaign apparently aimed at Ukrainian gas company Burisma has been linked by researchers to the Russian hacker group APT28. [Read More]
Google sent out over 12,000 state-sponsored phishing warnings to users in 149 countries in the third quarter of 2019. [Read More]
Louisiana governor reveals that a ransomware attack hit state servers, prompting a response from the state’s cyber-security team. [Read More]
Venafi has uncovered over 100,000 fake domains with valid TLS certificates that mimic the domains of 20 major retailers in the US, UK, Australia, Germany and France. [Read More]
While there are policy, technology and training solutions that can help mitigate the spear phishing threat, it doesn't seem as if any are foolproof. [Read More]
A currently ongoing mobile-aware phishing campaign is targeting various non-governmental entities worldwide, including United Nations humanitarian organizations such as UNICEF. [Read More]
Texas man found guilty of hacking into the Los Angeles Superior Court computer system and abusing it to send phishing emails was sentenced to 145 months in federal prison. [Read More]
- 1 of 26
- ››
FEATURES, INSIGHTS // Phishing
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Domain name typo-squatting is an established tactic in the world of cybercrime.
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Even though I've been analyzing malware for the past 20 years, I do understand that internet security is not merely a technical problem, but also a business problem.
- 1 of 4
- ››
Subscribe to the Daily Briefing
- OpenSMTPD Vulnerability Leads to Command Injection
- Is Conditional Access the Right Approach to Authentication? It Depends.
- UK Financial Regulator Admits to Data Breach
- Firefox Gets DNS-over-HTTPS as Default in U.S.
- Samsung Says it Leaked Data on Handful of UK Customers
- RSA Conference 2020: Product Announcement Summary (Day 2)
- Over 100 Vulnerabilities Patched in MyBB in Past 5 Years
- State-Sponsored Cyberspies Use Sophisticated Server Firewall Bypass Technique
- Zyxel Patches Zero-Day Vulnerability in Network Storage Products
- KPMG on Key Cybersecurity Considerations for 2020
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy