Security Experts:

Email Security
long dotted

NEWS & INDUSTRY UPDATES

Cisco patches critical and high severity DoS vulnerabilities that can be exploited remotely without authentication in its Email Security Appliance. [Read More]
A DNS hijacking campaign targeting government, telecoms and commercial entities around the world has been linked to Iran. [Read More]
FireEye has added several important features to its Email Security - Server Edition product. [Read More]
A phishing template used in recent attacks targeting customers of a major U.S. bank uses fake fonts to evade detection, Proofpoint security researchers warn. [Read More]
A wave of bomb threats emailed to hundreds of schools, businesses and government buildings across the U.S. triggered searches, evacuations and fear — but there were no signs of explosives, and authorities said the scare appeared to be a crude extortion attempt. [Read More]
Thousands of emails were stolen from the hacked accounts of aides to the National Republican Congressional Committee (NRCC) during the 2018 midterm campaign. [Read More]
There is not enough evidence to attribute a recent wave of spear-phishing emails impersonating personnel at the United States Department of State to Russian hackers, Microsoft says. [Read More]
Anti-phishing firm Cofense (formerly PhishMe) has discovered an uptick in the use of .com file extensions in phishing email attacks. [Read More]
GreatHorn has expanded its machine-learning phishing protection system into a complete email security platform that addresses every potential stage of a phishing attack with integrated threat detection, protection, and incident response. [Read More]
A newly discovered botnet that appears designed to send spam emails likely infected around 400,000 machines to date, 360 Netlab security researchers warn. [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Siggi Stefnisson's picture
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
Alastair Paterson's picture
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Siggi Stefnisson's picture
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Jack Danahy's picture
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
Markus Jakobsson's picture
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Markus Jakobsson's picture
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.