Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
SAP releases patches for a total of 11 security flaws in NetWeaver, five of which are rated high-severity. [Read More]
Patch Tuesday takes on extra urgency this month with the news that at least six previously undocumented vulnerabilities are being actively exploited in the wild. [Read More]
Adobe's June batch of security patches address a swathe of potentially dangerous vulnerabilities in Adobe Acrobat and Reader, Adobe Photoshop, and the ever-present Adobe Creative Cloud Desktop Application. [Read More]
Apple has announced a VPN-like service and several new privacy features at its 2021 Worldwide Developers Conference (WWDC). [Read More]
Navistar International Corporation confirms data stolen in cyberattack that affected some operations. [Read More]
Palo Alto researchers document a new malware that leverages Windows container escape techniques and can achieve code execution on the node and spread to entire Kubernetes clusters. [Read More]
Two members of the notorious Carbanak cybercrime syndicate were sentenced to 8 years in prison, Kazakhstani authorities announced this week. [Read More]
Cisco issues fixes for a wide range of gaping security holes, including three high-risk vulnerabilities in the widely deployed Webex product line. [Read More]
Ongoing, multi-vendor investigations into the SolarWinds mega-hack lead to the discovery of new malware artifacts that could be used in future supply chain attacks, including a poisoned update installer. [Read More]
A KPMG report finds that the email system used by Accellion never sent the email notifications to FTA customers and the company never informed them of the flaw being actively exploited. [Read More]
- 1 of 46
- ››
FEATURES, INSIGHTS // Email Security
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
To mitigate the risk of attacks, IT teams should disable unused tools and components, while deploying endpoint protection that doesn’t rely solely on file scanning or whitelisting.
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
- 1 of 4
- ››
Get the Daily Briefing
- Apple Reaffirms Privacy Stance Amid Trump Probe Revelations
- Volkswagen America Discloses Data Breach Impacting 3.3 Million
- Wray: FBI Frowns on Ransomware Payments Despite Recent Trend
- Recorded Future Unveils $20M Threat-Intel Investment Fund
- COO of Security Company Charged for Cyberattack on Medical Center
- RSA Spins Out Fraud and Risk Intelligence Unit as Standalone Company Outseer
- McDonald's Says Hackers Breached Data in Taiwan, South Korea
- GitHub Discloses Details of Easy-to-Exploit Linux Vulnerability
- Canada Privacy Watchdog Slams Police Use of Facial Recognition Tool
- Alibaba's Lazada Launches Public Bug Bounty Program
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy