Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Mozilla fixes multiple high-severity vulnerabilities with the release of Firefox 96, Firefox ESR 91.5, and Thunderbird 91.5. [Read More]
Microsoft’s first batch of patches for 2022 cover at least 97 security flaws, including a critical HTTP Protocol Stack bug described as “wormable.” [Read More]
Celebrated cryptographer Moxie Marlinspike is stepping down as chief executive at Signal, the encrypted messaging app he created more than a decade ago. [Read More]
The non-profit group says companies that ship open-source code should do much more to help with security audits and fixes. [Read More]
The U.K.’s National Health Service warns that an unknown threat actor is successfully hitting vulnerable VMWare Horizon servers with Log4j exploits. [Read More]
US government agencies and cybersecurity companies have issued fresh warnings over the abuse of Google services. [Read More]
Researchers document a credential -stealing banking malware campaign exploiting Microsoft's digital signature verification. [Read More]
VMware ships patches for heap-overflow vulnerability that could lead to code execution attacks. [Read More]
Recorded Future snaps up SecurityTrails for a direct entry into the booming attack surface management business. [Read More]
The Goldman Sachs-owned startup formerly known as White Ops is planning on global expansion and new industry categories. [Read More]
FEATURES, INSIGHTS // Email Security
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Today’s email-based attacks don’t occur at a single point in time and use multiple methods to evade detection. To bolster protection, organizations may turn to a set of disparate products that don’t – and can’t – work together.
Recent high-profile security breaches at major retailers stem from the fact that in-store networks and their components are evolving and spawning a range of attack vectors.
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Get the Daily Briefing
- Outlook Security Feature Bypass Allowed Sending Malicious Links
- Attack Surface Management Play Censys Scores $35M Investment
- French Ministry of Justice Targeted in Ransomware Attack
- Microsoft Saw Record-Breaking DDoS Attacks Exceeding 3 Tbps
- US Says National Water Supply 'Absolutely' Vulnerable to Hackers
- REvil Ransomware Operations Apparently Unaffected by Recent Arrests
- White House Publishes Federal Zero Trust Strategy
- Software Supply Chain Protection Startup Scribe Security Raises $7 Million
- VMware Warns of Log4j Attacks Targeting Horizon Servers
- QNAP Warns NAS Users of DeadBolt Ransomware Attacks
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy