Security Experts:

Email Security
long dotted

NEWS & INDUSTRY UPDATES

The 47-minute outage last Monday, which severely affected operations at workplaces and schools globally, was caused by a bug in an automated quota management system that powers the Google User ID Service. [Read More]
The iOS 14.3 and iPadOS 14.3 relese will provide cover for 11 documented security flaws, some serious enough to expose iPhones and iPads to code execution attacks. [Read More]
Guardicore warns that 250,000 MySQL databases from 83,000 victims have been compromised in an ongoing ransomware campaign. [Read More]
At the Black Hat Europe security conference, a researcher shows how one simple link can compromise the entire contents of an unknown PDF. [Read More]
The FBI has issued a notification to warn organizations of scammers setting up auto-forwarding email rules to facilitate BEC schemes. [Read More]
Microsoft this week announced two new features meant to improve the security of priority accounts in Microsoft 365. [Read More]
Email security solutions provider Abnormal Security on Wednesday announced raising $50 million in a Series B funding round, which brings the total raised by the company to $75 million. [Read More]
A threat actor specializing in business email compromise (BEC) attacks has been spotted exploiting a vulnerability to spoof the domains of Rackspace customers. [Read More]
A newly detailed business email compromise (BEC) campaign has resulted in more than $15 million being diverted from at least 150 organizations worldwide. [Read More]
Google has patched a Gmail/G Suite email spoofing vulnerability that was reported to the company nearly 140 days ago, but the fix only came after its public disclosure. [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Marc Solomon's picture
Today’s email-based attacks don’t occur at a single point in time and use multiple methods to evade detection. To bolster protection, organizations may turn to a set of disparate products that don’t – and can’t – work together.
Marc Solomon's picture
Recent high-profile security breaches at major retailers stem from the fact that in-store networks and their components are evolving and spawning a range of attack vectors.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Jon-Louis Heimerl's picture
Was the Mayan Apocalypse was a myth? Since I am a security geek, I just happen to talk about security a lot. What are some security myths I have heard in my conversations with some very bright people?
Tal Be'ery's picture
In this column, Tal analyzes the technical details of the DKIM vulnerability, evaluates possible implications of the exploit, and points to some general lessons.