Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

SYN Ventures is leading a $23 million Series A investment in RevealSecurity, a startup building technology to thwart malicious insider threats. [Read More]
Disguised as a cryptocurrency miner, Malibot focuses on stealing financial information, cryptocurrency wallets, and personally identifiable information (PII). [Read More]
Big-game malware hunters at Volexity call attention to a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors and launch man-in-the-middle attacks. [Read More]
Radian Capital leads a $15 million Series A investment in threat intelligence startup GreyNoise. [Read More]
An Israeli startup promising technology to help developers simplify security has banked an eye-opening $38.5 million in seed-stage funding. [Read More]
Adobe warned of “critical” code execution flaws that expose both Windows and macOS users to malicious hacker attacks. [Read More]
L3 Technologies, a U.S. government contractor that sells aerospace and defense technology, has emerged as a "leading candidate" to acquire Israeli exploit merchant NSO Group. [Read More]
Based on the Adore-Ng rootkit, a new, under-development Linux rootkit dubbed Syslogk is hiding the Rekoobe backdoor on infected systems. [Read More]
A pair of high-risk flaws in a third-party library exposes Drupal-powered websites to remote takeover attacks. [Read More]
Backup-as-a-service firm HYCU has raised $53 million in a Series B funding round led by Acrew Capital. [Read More]

FEATURES, INSIGHTS // Phishing

rss icon

Jeff Orloff's picture
Most organizations rely too heavily on their cybersecurity pros to protect them from threats, ignoring the painful reality that human error is by far the most common cause of security breaches.
Keith Ibarguen's picture
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
Torsten George's picture
Vishing is a form of criminal phone fraud, combining one-on-one phone calls with custom phishing sites.
Alastair Paterson's picture
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Torsten George's picture
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Laurence Pitt's picture
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Alastair Paterson's picture
Domain name typo-squatting is an established tactic in the world of cybercrime.
Alastair Paterson's picture
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
Siggi Stefnisson's picture
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
Alastair Paterson's picture
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.