Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
VMware releases an urgent security patch for a flaw in its vCenter Server product and warned users to expect public exploit code within minutes of disclosure. [Read More]
Cisco Talos researchers say the backdoor is installed as a service and constantly contacts its command and control (C&C) to receive commands. [Read More]
The iOS 15 makeover also includes patches for at least 22 documented security vulnerabilities, some serious enough to expose iPhone and iPad users to arbitrary code execution attacks. [Read More]
Endpoint security platform Kolide gets a fresh round of capital from venture capital investors. [Read More]
Google announced plans to support the Open Source Technology Improvement Fund in launching its Managed Audit Program to review critical open source projects. [Read More]
The patch comes exactly one week after the Redmond, Wash. software giant acknowledged the CVE-2021-40444 security defect and confirmed the existence of in-the-wild exploitation via booby-trapped Microsoft Office documents. [Read More]
Google joins Apple and Microsoft in warning about zero-day flaws being exploited in the wild. This time the target is the popular Google Chrome browser. [Read More]
Apple ships fixes for a pair of iOS and macOS security defects alongside a warning that these issues belong in the “actively exploited” zero-day category. [Read More]
Hackers leaked online credentials stolen from 87,000 VPN devices, affecting roughly 22,500 victims worldwide, including nearly 3,000 in the United States. [Read More]
Tenable makes its priciest acquisition to date and expands its product portfolio with capabilities to detect security problems in code before they become operational security risks. [Read More]
- 1 of 58
- ››
FEATURES, INSIGHTS // Email Security
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
SPF, DMARC and DKIM are three email security methods that work together to prevent unauthorized third parties from sending emails on behalf of a domain.
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
- 1 of 4
- ››
Get the Daily Briefing
- Google Says Threat Actors Using New Code Signing Tricks to Evade Detection
- SonicWall Patches Critical Vulnerability in SMA Appliances
- LG to Acquire Vehicle Cybersecurity Firm Cybellum
- CISA Opens IPv6 Guidance to Public Feedback
- Port of Houston Target of Suspected Nation-State Hack
- F5 to Acquire Threat Stack for $68 Million in Cash
- Working Securely From Anywhere With Zero Trust
- Apple Confirms New Zero-Day Attacks on Older iPhones
- Improving Security Posture to Lower Insurance Premiums
- Web Security Provider Jscrambler Raises $15 Million
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy