Security Experts:

Email Security
long dotted

NEWS & INDUSTRY UPDATES

Symantec announces availability of Email Threat Isolation, a new solution designed to protect enterprises against phishing, account hijacking, and other attacks [Read More]
The losses and potential losses reported as a result of business email compromise (BEC) and email account compromise (EAC) scams exceed over $12 billion globally, says the FBI [Read More]
London, UK-based email archiving and security firm Mimecast has acquired Bethesda, Md-based security training company Ataata. Financial terms of the acquisition have not been disclosed. [Read More]
ProtonMail hit by significant DDoS attack apparently carried out by a group that claims to have ties to Russia [Read More]
The Electronic Frontier Foundation (EFF) announced STARTTLS Everywhere, a new project aimed at improving the security of email delivery. [Read More]
The Necurs botnet has started using Internet Query (IQY) files in recent waves of spam attacks, in an attempt to thwart security protections. [Read More]
Cybercriminals use a technique dubbed by researchers ZeroFont to bypass Office 365 phishing protections [Read More]
UK-based start-up Tessian, which uses machine learning artificial intelligence to prevent sensitive data leakage via email, has raised $13 million in a Series A funding. [Read More]
EFAIL: researchers say they’ve found ways to steal plain text from emails encrypted with OpenPGP and S/MIME, but some believe the claims are overblown [Read More]
Researchers discover that cybercriminals have been using a new method to bypass the Safe Links security feature in Office 365. Microsoft is investigating [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Siggi Stefnisson's picture
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Jack Danahy's picture
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
Markus Jakobsson's picture
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Markus Jakobsson's picture
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Bill Sweeney's picture
As data moves online, social engineering techniques have become far more personalized, technologically advanced and ultimately successful.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Marc Solomon's picture
Today’s email-based attacks don’t occur at a single point in time and use multiple methods to evade detection. To bolster protection, organizations may turn to a set of disparate products that don’t – and can’t – work together.