Security Experts:

Email Security
long dotted

NEWS & INDUSTRY UPDATES

Email provider VFEmail was hit by a destructive attack, where a hacker who accessed its network was able to erase its servers in the United States, including the backup systems. [Read More]
A group of scammers has been abusing a Gmail feature that gives users control over all dotted versions of their Gmail addresses. [Read More]
The check-in links sent via email or SMS by several major airlines from around the world can allow hackers to obtain passengers’ personal information and possibly make changes to their booking. [Read More]
A U.S. judge has rejected Yahoo’s data breach settlement, citing, among other things, inadequate disclosure of the settlement fund and high attorney fees. [Read More]
Email security firm, Mimecast, has acquired Simply Migrate (a cloud migration specialist) for an undisclosed sum on January 29, 2019. [Read More]
Microsoft Exchange 2013 and newer versions allow an attacker to escalate privileges when performing a NT LAN Manager (NTLM) relay attack. [Read More]
Spam campaigns that have active during the last several months have been distributing the Redaman banking malware, Palo Alto Networks security researchers say. [Read More]
Alphabet’s Jigsaw unit has published a quiz that tests users’ ability to identify phishing attacks and teaches them what signs to look for to determine if a message is legitimate or not. [Read More]
DHS issues an emergency directive instructing federal agencies to take measures to mitigate DNS hijacking attacks after several government domains were targeted by malicious actors. [Read More]
Barracuda Networks this week announced automated incident response capabilities are now available for customers using its Total Email Protection solution. [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Marc Solomon's picture
Today’s email-based attacks don’t occur at a single point in time and use multiple methods to evade detection. To bolster protection, organizations may turn to a set of disparate products that don’t – and can’t – work together.
Marc Solomon's picture
Recent high-profile security breaches at major retailers stem from the fact that in-store networks and their components are evolving and spawning a range of attack vectors.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Jon-Louis Heimerl's picture
Was the Mayan Apocalypse was a myth? Since I am a security geek, I just happen to talk about security a lot. What are some security myths I have heard in my conversations with some very bright people?
Tal Be'ery's picture
In this column, Tal analyzes the technical details of the DKIM vulnerability, evaluates possible implications of the exploit, and points to some general lessons.