Phishing is no longer restricted to just emails. As attackers broaden their arsenal, businesses today also need to be on the lookout for impersonation attempts via SMS text messages or voice calls, says Roger Grimes, a data-driven defense evangelist at KnowBe4.
Several major email breaches reported by healthcare entities in recent days and weeks have affected the health data of nearly 300,000 individuals. Experts say the incidents highlight the ongoing challenges many organization face involving phishing attacks and similar email compromises.
According to Gartner, continued increases in the volume and success of phishing attacks and migration to cloud email require a reevaluation of email security controls and processes.
Download the 2021 Gartner Market Guide for Email Security to learn:
What integrated cloud email security (ICES) solutions are and...
A recently identified Chinese hacking group dubbed Aoqin Dragon has been targeting government, education and telecommunication organizations in Southeast Asia and Australia since 2013 as part of an ongoing cyberespionage campaign, according to research from SentinelLabs.
A phishing campaign used stolen credentials to log into Facebook user accounts and send links leading to phishing pages to the victims' friends to harvest their credentials. Researchers detail the evasion techniques the threat actor allegedly used to likely make millions from the scam.
Memo to IT administrators: Don't store data in cloud in an unsecure manner. Security researchers at Secureworks have found more than 1,200 cloud-based, unsecured Elasticsearch databases that attackers wiped, leaving only a ransom note demanding Bitcoin in return for their restoration.
Police in Nigeria this week arrested a 37-year-old man who's been charged with masterminding "a criminal syndicate tied to massive business email compromise and phishing campaigns," Interpol says. But with known BEC losses last year exceeding $2.4 billion, will the arrest have a noticeable impact?
Financial services firms lose an average of $18.5 million per year through malicious activity like leaked credentials, payment fraud, money laundering, fake account registration, loyalty abuse, and more. Fraud prevention depends on effective intelligence gathering, and few firms have the tools or personnel to...
The new Expel Quarterly Threat Report provides data on what we’re seeing,
detection opportunities, and resilience recs to help protect your organization.
We’ll dive into the trends in this report, based on incidents the Expel security
operations center (SOC) team identified through investigations into...
The new Expel Quarterly Threat Report provides data on what we’re seeing,
detection opportunities, and resilience recs to help protect your organization.
We’ll dive into the trends in this report, based on incidents the Expel security
operations center (SOC) team identified through investigations into...
North Korean information technology workers have been attempting to obtain employment in public and private sectors in the United States to fund their home country's weapons of mass destruction and ballistic missiles programs, according to an advisory from U.S. federal agencies.
Poor security configurations, weak controls and gaps in authentication protocols are among the common initial access vectors "routinely exploited" by threat actors, the Five Eyes cybersecurity alliance says. Firms offering cybersecurity services weigh in on the gaps and implementation challenges.
The Financial Services industry has seen a 1000%+ increase in the amount of ransomware attacks hitting their organizations. It is also one of the most targeted verticals out there. We know why this is a favored target; because that’s where the money is. The question to be answered is identifying the attack vector...
In the today’s digital world, when so much of our lives are online, identity verification and authentication are critical to addressing fraud-related risk management challenges. To prevent fraud and protect your business and your customers, you must be certain the people you are dealing with are who they represent...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.