Security Experts:

Email Security
long dotted


Kaspersky Lab has updated its Secure Mail Gateway to resolve a series of vulnerabilities that could lead to account takeover, code execution, and privilege escalation. [Read More]
Kaspersky expands SMB offering with a new product designed to provide an extra layer of security for the Exchange Online email service in Office 365 [Read More]
Insurance companies and non-profit organizations are most likely to fall for phishing attacks, according to a study of 6 million users conducted by KnowBe4 [Read More]
Cisco patches high severity vulnerabilities, including privilege escalation and DoS, in email security, NX-OS and collaboration products [Read More]
Russia-linked hackers leaked private correspondence between International Olympic Committee officials in response to Russia being banned from the Pyeongchang 2018 Winter Games [Read More]
DMARC implemented on roughly half of US government domains as a result of a DHS directive, but only 16% quarantine or reject unauthenticated emails [Read More]
The Necurs botnet ended the year sending tens of millions of spam emails daily as part of massive ransomware distribution campaigns. [Read More]
Facebook introduces simple new security feature to help users check if the emails they receive are legitimate or part of a phishing campaign [Read More]
Nigerian national David Chukwuneke Adindu sentenced by a U.S. court to 41 months in prison for his role in BEC scams [Read More]
Netherlands-based security firm Fox-IT revealed that it was the victim of an MitM attack after hackers changed DNS records at its domain registrar [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Jack Danahy's picture
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
Markus Jakobsson's picture
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Markus Jakobsson's picture
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Marc Solomon's picture
Today’s email-based attacks don’t occur at a single point in time and use multiple methods to evade detection. To bolster protection, organizations may turn to a set of disparate products that don’t – and can’t – work together.
Marc Solomon's picture
Recent high-profile security breaches at major retailers stem from the fact that in-store networks and their components are evolving and spawning a range of attack vectors.