Security Experts:

Email Security
long dotted

NEWS & INDUSTRY UPDATES

Vast majority of the exhibitors at the RSA Conference have not implemented DMARC on their primary domains, opening the door to fraudulent and fake emails [Read More]
Trend Micro unveils Writing Style DNA, an AI-powered capability that uses writing style analysis to detect business email compromise (BEC) attacks [Read More]
Cisco has launched new email security services to protect users from email attacks, as well as new capabilities to protect devices from ransomware, cryptomining, and fileless malware. [Read More]
Cloudflare launches Spectrum, a new service designed to extend the company’s DDoS and other protections to gaming, remote access, email and other services [Read More]
Ransomware is the most prevalent type of malware and it increasingly targets business-critical systems, according to Verizon’s 2018 Data Breach Investigations Report (DBIR) [Read More]
Multiple critical vulnerabilities impacting SecurEnvoy SecurMail could result in an attacker being able to read encrypted emails and even delete or overwrite messages in a user’s inbox. [Read More]
A investigation led to the arrest of one French and one Belgian national for their part in large scale CEO fraud (also known as business email compromise -- BEC). [Read More]
Researchers discover a dozen vulnerabilities in Trend Micro’s Email Encryption Gateway. Most of them have been patched [Read More]
A new business email compromise (BEC) campaign is targeting accounts payable personnel at Fortune 500 companies in an attempt to trick victims into initiating fraudulent wire transactions to attacker-controlled accounts, IBM warns. [Read More]
Maliciously modified copies of popular applications distributed via the MacUpdate site were observed installing crypto-mining malware on the users’ Macs. [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Jack Danahy's picture
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
Markus Jakobsson's picture
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Markus Jakobsson's picture
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Marc Solomon's picture
Today’s email-based attacks don’t occur at a single point in time and use multiple methods to evade detection. To bolster protection, organizations may turn to a set of disparate products that don’t – and can’t – work together.
Marc Solomon's picture
Recent high-profile security breaches at major retailers stem from the fact that in-store networks and their components are evolving and spawning a range of attack vectors.