Compromised accounts may be the most dangerous email threat that organizations face. Once an account has been compromised, it can be used to execute additional attacks—providing threat actors a variety of opportunities to steal funds and sensitive information.
And because the messages are being sent from the...
Supply chain compromise attacks cost an average of $183,000. You should be prepared.
In this white paper from Dr. Eric Cole at Secure Anchor, learn how attackers leverage compromised accounts from vendors or partners to launch attacks that are specifically designed to bypass traditional email security. These...
Credential phishing attacks represent a huge threat to organizations as a well-crafted (or even somewhat realistic-looking) phishing email can trick an employee into providing login credentials.
In our threat report covering data from January-June 2022, Abnormal Security found a 48% increase in email attacks over...
As a leader in insurance and asset management, this Fortune 200
company recognizes that its security must protect its employees and
customers from cyber attacks. Customers place their trust and their assets
in the control of this company, so the security team built a robust solution
reducing risk, gaining...
New malware variants are being developed at breakneck speeds, each more sophisticated and devastating than the last. On top of that, successful threats are being commodified by initial access brokers (IAB) and sold as-a-service. Threats are propagating faster than ever with stealthy evasion techniques coded in,...
Ransomware-wielding criminals feel the need for speed as they seek to take down victims more quickly and quietly. Cue the use of intermittent, or partial, encryption to speed up attacks. It scrambles files partially but enough to make them unusable.
Japanese conglomerate Hitachi has sold its small identity-as-a-service practice to Canadian software specialist Volaris Group to drive better execution around core products. The firm found it was easy to get lost within Hitachi given the conglomerate's size and focus on electronics and engineering.
Twitter security exec-turned-whistleblower Peiter Zatko today listed alleged security and privacy shortcomings of the social media company for a Senate panel. "It's not farfetched to say that an employee inside the company could take over the accounts of all of the senators in this room," he said.
Invoice fraud. Payroll diversion. Gift card requests. Fraudulent wire transfers. Malicious attachments. These types of attacks have dominated the cybersecurity space for the past few years, as security leaders worldwide attempt to find ways to stop increasingly-sophisticated inbound threats.
But what about those...
Iran is again implicated in a cyberattack against Albania, this time on a border-crossing system. Albanian government officials acknowledged the attack on Saturday, just days after the country broke off relations with Tehran in a rebuke for launching an assault on Albania's e-government portal.
After an international law enforcement operation shuttered stolen data forum RaidForums in February, one of its power users launched a replacement called Breached. Within months, the English-language forum has amassed more stolen records and nearly as many users as its predecessor.
The Lazarus Group, a North Korean advanced persistent threat gang, recently targeted energy companies in Canada, the U.S. and Japan to establish long-term access into victim networks to conduct espionage operations by deploying custom-built malware implants VSingle, YamaBot and MagicRAT.
A thief stole $1.25 million worth of cryptocurrency from DeFi protocol New Free DAO in a flash loan attack and so far has cashed out nearly half of the funds. The attack resulted in a sharp drop in the platform's native token $NFD, whose value slumped more than 99% day-on-day on Thursday.
The United States hit Iran with a new round of sanctions after linking Tehran with the July cyberattack against Albania. The sanctions are more symbolic than material in effect but send a message that hacking U.S. allies has consequences.
In the latest weekly update, Ari Redbord, head of legal and government affairs at TRM Labs, joins ISMG editors to discuss how extremist groups could circumvent sanctions and fund terrorism through NFTs, the limitations of digital assets regulations, and new U.K. rules for crypto exchange reporting.