Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Mozilla has completely removed support for the File Transfer Protocol (FTP) from in the latest release of its flagship Firefox browser. [Read More]
Intezer warns that threat actors are abusing Argo Workflows to target Kubernetes deployments and deploy crypto-miners. [Read More]
New Google Cloud offerings aim to help federal, state, and local government organizations in the U.S. implement zero-trust architecture. [Read More]
The CloudKnox deal is Microsoft’s fourth cybersecurity acquisition over the last 12 months and comes just weeks after Redmond announced plans to purchase threat-intelligence vendor RiskIQ. [Read More]
Microsoft secures a court order to take down malicious domains that impersonate legitimate organizations. [Read More]
Networking gear vendor Juniper Networks ships product updates to address critical security vulnerabilities. [Read More]
Microsoft's security response team late Thursday acknowledged a new, unpatched bug that exposes Windows users to privilege escalation attacks. [Read More]
A security flaw in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software could allow a remote attacker to trigger a denial-of-service condition. [Read More]
The search advertising giant released a Chrome security refresh overnight with a warning that malicious hackers are actively exploiting a critical type confusion vulnerability to launch malware attacks. [Read More]
Microsoft partners with Citizen Lab to identify a mysterious commercial surveillance company in Israel selling zero-days and high-end spyware to government hackers. [Read More]
- 1 of 52
- ››
FEATURES, INSIGHTS // Email Security
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
SPF, DMARC and DKIM are three email security methods that work together to prevent unauthorized third parties from sending emails on behalf of a domain.
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
- 1 of 4
- ››
Get the Daily Briefing
- US Acting to Better Protect Infrastructure From Cyberthreats
- Foxit Plugs Multiple Security Holes in PDF Reader, Editor
- US Gov Warning: VPN, Network Perimeter Product Flaws Under Constant Attack
- Cyber Asset Management Platform Noetic Launches With $20 Million in Funding
- Hospital Network Reveals Cause of 2020 Cyberattack
- Leveraging People in the Email Security Battle
- Survey Shows Reasons for Cloud Misconfigurations are Many and Complex
- University of San Diego Health Says Personal Information Stolen in Data Breach
- Iranian Spies Maintained Social Media Persona for Years Before Targeting Defense Contractor
- IBM: Average Cost of Data Breach Exceeds $4.2 Million
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy