Anti-Phishing, DMARC

Article

Microsoft Seizes Domains Used for COVID-19 Phishing Scam

Doug Olenick • July 7, 2020

A U.S. federal court has issued an injunction that gives Microsoft permission to seize control of several malicious domains being used to operate a COVID-19-themed phishing scam, according to recently unsealed court documents.

Webinar

Live Webinar | The Post-Pandemic New Normal: Rethink and Rebuild Cyber Security (11 am AEST I 1 pm NZST)

Jinan Budge, Principal Analyst Serving Security & Risk Professionals, Forrester , Ashwin Pal, Director of Cybersecurity Services, Asia Pacific, Unisys , Gergana Winzer, Industry Director of Cybersecurity, Australia and New Zealand, Unisys • June 25, 2020

The COVID-19 pandemic has put new security pressures on organizations, which are adapting to having large numbers of employees working from home. The threat landscape has changed, and attackers are looking to exploit weaknesses in how organizations have changed access to applications and data assets, which has forced...

Whitepaper

Triton 2.0 & The Future of OT Cyber-Attacks

June 21, 2020

This white paper evaluates the development of known OT attack campaigns, and the wider progression of malware, in order to identify trends and extrapolate future scenarios. Special focus is given to the emergence of AI and machine learning techniques, which have revolutionized cyber defense, and will become even...

Whitepaper

Email Security Threat Report 2020

June 21, 2020

Email and collaboration platforms are the connective tissue of most businesses and organizations, where information is shared, plans are hatched, and alliances formed. Yet email often represents the 'weakest link' in an organization's security strategy - around 94% of cyber-threats originate in the email environment....

Whitepaper

Cyber AI for SaaS Security

June 21, 2020

In this whitepaper, learn why securing today's dynamic workforce requires a new approach. Security teams must be equipped to discern when and how a trusted account has been leveraged for nefarious purposes, and discover how an AI 'immune system' approach to security provides adaptive, autonomous detection capabilities...

Article

Separate Phishing Attacks Target Wells Fargo, BofA Customers

Akshaya Asokan • June 20, 2020

Researchers at two security firms are tracking separate phishing campaigns that are targeting customers of Wells Fargo and Bank of America, according to reports. In each case, the fraudsters are attempting to steal users' credentials using various methods and lures.

Whitepaper

AI-Augmented Attacks and the Battle of the Algorithms

• June 19, 2020

This report will document an end-to-end attack lifecycle, and how each stage could leverage elements of the AI 'toolkit' to improve and streamline the process. Attackers will, of course, evolve their tools to drive efficiency gains, however these tradecraft improvements are iterative and do not happen all at once....

Webinar

Live Webinar | Your Brand is Being Used as Bait - You Just Don't Know It Yet

Dirk Jan Koekkoek , Danielle Papadakis • June 15, 2020

Without ever confronting an organization's email perimeter, it's easy for cybercriminals to impersonate a brand on the internet. Even unsophisticated attackers can spoof your email domain or host a fake website designed to trick customers, suppliers and employees. Join us to learn about the tactics cybercriminals are...

Article

Gamaredon Group Using Fresh Tools to Target Outlook

Akshaya Asokan • June 13, 2020

The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact lists, according to security firm ESET. This hacking group, which appears to have ties to Russia, has primarily targeted Ukraine for years.

Article

Phishing Attack Targeted German COVID-19 Task Force Firm

Ishita Chigilli Palli • June 9, 2020

An ongoing phishing campaign has targeted top officials at a German multinational company tasked with procuring personal protective equipment during the COVID-19 pandemic, according to IBM. While it's not clear if these attacks were successful, they contain the hallmarks of a nation-state group.

Article

Phishing Attacks Traced to Indian Commercial Espionage Firm

Mathew J. Schwartz • June 9, 2020

Surveillance researchers at Citizen Lab have tied thousands of "Dark Basin" corporate espionage phishing attacks to a small Indian cybersecurity firm called BellTroX InfoTech Services. It's led by Sumit Gupta, who was indicted by the U.S. in 2015 for criminal hacking on behalf of private investigators.

Whitepaper

Classification By Design: The Foundation Of Effective Data Protection Compliance

June 1, 2020

This whitepaper report looks in detail as to why achieving compliance across a wealth of new international data privacy laws and regulations is such a growing challenge. It will cover: How data breaches are driving regulatory change Data protection and the COVID-19 pandemic, an escalating external threat...

Article

Latest Phishing Campaign Spoofs Microsoft Teams Messages

Akshaya Asokan • May 2, 2020

A recently uncovered phishing campaign is spoofing notifications from Microsoft's Teams collaboration platform in order to harvest Office 365 credentials from employees working from home offices because of the COVID-19 pandemic, according to research from Abnormal Security.

Article

Phishing Campaigns Target Senior Executives via Office 365

Mathew J. Schwartz • May 1, 2020

A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. The campaign, which targets Office 365 users, appears to trace to attackers operating from Nigeria and South Africa.

Whitepaper

NHS England Provides 6,800 Agile Workers with Secured Mobile Devices

April 20, 2020

NHS England not only manages the standards for healthcare services in England, but the way it operates is seen as hugely influential. Mobility is central to the way NHS England works: almost all its 7,500 staff work from mobile devices. Staff checks emails, shares reports and key documentation internally and with...