This case study presents an organization that transformed its global business operations to deliver “digital everything” for its workforce and customers.
The AVP of Security Operations said: “as we move into a ‘digital everything’ world, protecting our customers and employees is the top priority. We’re...
U.S. Cyber Command and Security Service of Ukraine revealed malware indicators recently detected in Ukraine, which is resisting invasion by Russia. Cybersecurity firm Mandiant, which has ties to the U.S. military, published a detailed analysis of phishing campaigns with links to Belarus and Russia.
Threat actors carried out smishing attacks on nearly 10,000 Australian students enrolled at Deakin University and downloaded PII of about 47,000 students. Hackers compromised an employee's credentials to access the university's third-party SMS solutions provider to execute the attack.
Protecting the organization against email-borne threats is only becoming more difficult as attackers create new and more clever ways to fool users and embed threats and malware.
The best SEG solutions provide better protection than older products or those that are available with an email platform...
Organizations that are relying on cloud-based email providers to secure their email systems and data should strongly consider adding a secure email gateway. Too many organizations are confusing the existence of security features with the efficacy of those features.
While moving enterprise email to the cloud has...
Email continues to be the No. 1 source of cyberattacks and a significant point of risk for most organizations. Yet other
collaboration tools (e.g. Slack, Microsoft Teams, and even Zoom) are also emerging as points of risk.
An open and pervasive security integration strategy is required to reduce the burden on IT...
As the number one threat vector for most organizations, email continues to be widely used by cyber criminals to penetrate organizations in support of a wide variety of cyberattacks. Unlike other attack vectors, email enables cybercriminals to directly leverage humans in an effort to bypass security controls and...
The "deliberate actions" of a now-fired senior engineer at Customer.io put at risk email addresses of six client companies, including NFT marketplace OpenSea. The email delivery vendor did not specify how many individuals are now at elevated risk of phishing attacks.
Business email compromise (BEC) is when threat actors use email fraud to attack organizations, deceiving people into doing something they believe is helping the company. To request funds from victims, BEC threat actors conduct a variety of scams impersonating coworkers, vendors, or customers.
Despite the...
Business email compromise (BEC) is when threat actors use email fraud to attack organizations, deceiving people into doing something they believe is helping the company. To request funds from victims, BEC threat actors conduct a variety of scams impersonating coworkers, vendors, or customers.
Despite the...
The past few years have shown us a tremendous shift in BEC attacks, which changed its strategies from Executive Impersonation to opting to impersonate third party vendors and suppliers instead. This shift has given the threat actors a plethora of additional trusted identities to exploit.
This Threat Intelligence...
Emails shared with NFT marketplace OpenSea were disclosed to an unauthorized external party, the company is warning patrons. Anyone who shared an email address should be on guard for phishing attacks. The cause was a rogue employee at a third-party email delivery vendor.
For the seventh year in a row, business email compromise produced the largest losses of any type of cybercrime, according to Steve Dougherty of the U.S. Secret Service. He says organizations need to build and maintain relationships with law enforcement agencies before an attack happens.
Putting banners in emails to alert recipients to the potential dangers lurking in messages is a highly effective way to keep employees safe from phishing attacks. A lot of specialists in anti-phishing technology fall into a category analyst firm Gartner calls Cloud Email Security Supplements (CESSs). Every one of...
"Credential phishing is off the charts," says Tonia Dudley of Cofense. She discusses the challenge for organizations to strike a balance between having the right controls in place to block malicious emails and stopping the business from receiving legitimate emails.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.