Security Experts:

Email Security
long dotted

NEWS & INDUSTRY UPDATES

Email-focused cybersecurity firm Vade Secure has agreed to a €70 million (approximately US$79.3 million) investment by venture capital firm General Catalyst. [Read More]
Security researchers documented the of evolution a Nigerian cybercriminal group from its emergence as a one-man shop into a large business email compromise (BEC) operation employing dozens of threat actors. [Read More]
Privacy-focused ProtonMail has been accused of voluntarily helping law enforcement spy on users, but the company has denied the accusations. [Read More]
Google on Tuesday said that some customer passwords for its G Suite customers were stored in an unhashed format since 2005. [Read More]
Tampa Bay, FL-based security awareness and simulated phishing firm KnowBe4 has acquired Oslo, Norway-based security culture measurement company CLTRe for an undisclosed sum. [Read More]
The Russia-linked threat group known as Turla has been using a sophisticated backdoor dubbed LightNeuron to hijack Microsoft Exchange mail servers. [Read More]
2020 presidential campaigns are preparing for cyber threats, which includes training, mandatory use of 2FA, and phishing simulations. [Read More]
After testing more than two dozen popular encrypted email clients, researchers found that the majority are vulnerable to one or more signature spoofing attacks. [Read More]
A majority of the 2020 US presidential campaigns are vulnerable to sophisticated email attacks, according to a study conducted by email security firm Agari. [Read More]
Armorblox emerges from stealth mode with a platform that uses natural language understanding to detect threats hidden in emails and documents. The company also announced a $16.5 million Series A funding round. [Read More]

FEATURES, INSIGHTS // Email Security

rss icon

Alastair Paterson's picture
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
Ashley Arbuckle's picture
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
Siggi Stefnisson's picture
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
Alastair Paterson's picture
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Siggi Stefnisson's picture
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Jack Danahy's picture
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
Markus Jakobsson's picture
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Markus Jakobsson's picture
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”