Security Experts:

Email Security
long dotted


DMARC has been fully implemented on two thirds of U.S. government domains, but there’s less than a month until all domains should be compliant with BOD 18-01 [Read More]
Loki Bot’s operators have been fairly active over the past couple of months, targeting corporate mailboxes with their spam messages, Kaspersky Lab reports. [Read More]
The belief that spammers would rush to register new domains under new GDPR-enforced anonymity; and that spam would spike once GDPR became effective in May 2018. It hasn't happened. [Read More]
The latest ESRA report from Mimecast indicates just why email attacks are so loved by cybercriminals, and why organizations need to take email security more seriously. [Read More]
Cyber threat intelligence firm RiskIQ runs about 2 billion virtual user requests every day to search out malicious activity across the Internet. [Read More]
The use of DMARC to prevent exact-domain sender spoofing is growing -- but it is difficult to configure correctly and completely. [Read More]
A recently observed spam campaign powered by the infamous Necurs botnet has been specifically targeting banks with the FlawedAmmyy RAT, security researchers warn. [Read More]
Attackers managed to infect tens of thousands of MikroTik network routers in Brazil with code that would inject the CoinHive in-browser crypto-mining script in users’ traffic. [Read More]
A survey of 650 IT and IT security professionals found disconnect between concerns about email threats and fraud and the lack of action taken by companies represented in the study. [Read More]
Email and data security firm Mimecast has acquired threat detection firm Solebit for approximately $88 million net of cash acquired. [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Siggi Stefnisson's picture
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Jack Danahy's picture
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
Markus Jakobsson's picture
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Markus Jakobsson's picture
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.