Security Experts:

Email Security
long dotted

NEWS & INDUSTRY UPDATES

Mozilla has completely removed support for the File Transfer Protocol (FTP) from in the latest release of its flagship Firefox browser. [Read More]
Intezer warns that threat actors are abusing Argo Workflows to target Kubernetes deployments and deploy crypto-miners. [Read More]
New Google Cloud offerings aim to help federal, state, and local government organizations in the U.S. implement zero-trust architecture. [Read More]
The CloudKnox deal is Microsoft’s fourth cybersecurity acquisition over the last 12 months and comes just weeks after Redmond announced plans to purchase threat-intelligence vendor RiskIQ. [Read More]
Microsoft secures a court order to take down malicious domains that impersonate legitimate organizations. [Read More]
Networking gear vendor Juniper Networks ships product updates to address critical security vulnerabilities. [Read More]
Microsoft's security response team late Thursday acknowledged a new, unpatched bug that exposes Windows users to privilege escalation attacks. [Read More]
A security flaw in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software could allow a remote attacker to trigger a denial-of-service condition. [Read More]
The search advertising giant released a Chrome security refresh overnight with a warning that malicious hackers are actively exploiting a critical type confusion vulnerability to launch malware attacks. [Read More]
Microsoft partners with Citizen Lab to identify a mysterious commercial surveillance company in Israel selling zero-days and high-end spyware to government hackers. [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Keith Ibarguen's picture
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
Idan Aharoni's picture
SPF, DMARC and DKIM are three email security methods that work together to prevent unauthorized third parties from sending emails on behalf of a domain.
Alastair Paterson's picture
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
Ashley Arbuckle's picture
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
Siggi Stefnisson's picture
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
Alastair Paterson's picture
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Siggi Stefnisson's picture
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Jack Danahy's picture
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.