Security Experts:

Email Security
long dotted

NEWS & INDUSTRY UPDATES

A recently observed spam campaign powered by the infamous Necurs botnet has been specifically targeting banks with the FlawedAmmyy RAT, security researchers warn. [Read More]
Attackers managed to infect tens of thousands of MikroTik network routers in Brazil with code that would inject the CoinHive in-browser crypto-mining script in users’ traffic. [Read More]
A survey of 650 IT and IT security professionals found disconnect between concerns about email threats and fraud and the lack of action taken by companies represented in the study. [Read More]
Email and data security firm Mimecast has acquired threat detection firm Solebit for approximately $88 million net of cash acquired. [Read More]
More than half of U.S. government agencies have properly implemented the DMARC email security standard in response to a binding operational directive from the DHS [Read More]
Email security firm GreatHorn wanted to examine the state of email security today, nearly fifty years after email was first developed. [Read More]
Symantec announces availability of Email Threat Isolation, a new solution designed to protect enterprises against phishing, account hijacking, and other attacks [Read More]
The losses and potential losses reported as a result of business email compromise (BEC) and email account compromise (EAC) scams exceed over $12 billion globally, says the FBI [Read More]
London, UK-based email archiving and security firm Mimecast has acquired Bethesda, Md-based security training company Ataata. Financial terms of the acquisition have not been disclosed. [Read More]
ProtonMail hit by significant DDoS attack apparently carried out by a group that claims to have ties to Russia [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Siggi Stefnisson's picture
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Jack Danahy's picture
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
Markus Jakobsson's picture
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Markus Jakobsson's picture
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Marc Solomon's picture
Today’s email-based attacks don’t occur at a single point in time and use multiple methods to evade detection. To bolster protection, organizations may turn to a set of disparate products that don’t – and can’t – work together.