European computer security researchers say they have discovered vulnerabilities that relate to two techniques used to encrypt emails: PGP and S/MIME. Security experts recommend all PGP users immediately delete or disable their PGP tools, pending a full fix.
The White House, fearing China is spying on phone calls, has suggested that the U.S. government take a primary role in marshaling the development of secure 5G networks. But would nationalizing 5G networks make them more secure?
An assessment on whether North Korea is behind the WannaCry ransomware attacks leads the latest edition of the ISMG Security Report. Also, the co-author of NIST's revised Trustworthy Email special publication discusses changes in the guidance.
Email, which is too easily spoofed, phished or taken over, remains a leading cybersecurity risk. But finally, after years of pushing, the Domain-based Message Authentication, Reporting and Conformance standard, or DMARC is helping to bolster email security, says Phil Reitinger, CEO of the Global Cyber Alliance.
Adoption of the Domain-based Message Authentication, Reporting & Conformance - or DMARC - standard is very low in the healthcare sector, and broader use could greatly reduce phishing risks, according to a new study.
Former Trump campaign aide George Papadopoulos learned that Russia had thousands of pilfered emails containing "dirt" on Hillary Clinton three months before they appeared online, according to court documents.
An in-depth look at the DMARC anti-spoofing system - which the U.S. Department of Homeland Security this past week said it will require federal agencies to adopt - leads the latest edition of the ISMG Security Report. Also, continuous monitoring of the insider threat.
A new directive from the U.S. Department of Homeland Security elevates federal agencies' email security to the DMARC standard that's widely adopted by commercial email providers, including Google, Yahoo and Microsoft.
Two Russian hackers, members of a group called "Shaltay-Boltai" - Humpty Dumpty in Russian - that stole and sold high-level Russian officials' emails, have been sentenced to serve three years in prison. The case against them may tie to a high-profile Russian treason investigation.
In the wake of the surge in business email compromise incidents, many organizations have implemented new anti-phishing controls. But the attackers are countering the counter-measures, says Agari's Wes Dobry. What is the best response?
Opportunistic attackers may have breached some Parliament email accounts by brute-force guessing their way into accounts with weak passwords. But such a breach is hardly the "cyberattack" some are making it out to be.
Business email compromise (BEC) attacks that impersonate executives and business partners to trick employees comprise the biggest cyberthreat organizations face today. This is not news. But what may come as a surprise is that the vast majority of BEC attacks are preventable. This session will review why email spoofing...
Despite the proliferation of social networks and messaging apps, email remains the primary means of communication today. Unfortunately, it also remains a persistent threat vector for cybersecurity abuse. We see these evil emails everywhere: at work, at home and in the news, attempting to sell something, or steal...
Score another one for social engineering: A phishing campaign used a bogus "Google Docs" app to trick people into surrendering full access to their Google accounts and contacts. Before Google squashed the campaign, up to 1 million of its users may have fallen victim.