Compromised accounts may be the most dangerous email threat that organizations face. Once an account has been compromised, it can be used to execute additional attacks—providing threat actors a variety of opportunities to steal funds and sensitive information.
And because the messages are being sent from the...
Supply chain compromise attacks cost an average of $183,000. You should be prepared.
In this white paper from Dr. Eric Cole at Secure Anchor, learn how attackers leverage compromised accounts from vendors or partners to launch attacks that are specifically designed to bypass traditional email security. These...
Credential phishing attacks represent a huge threat to organizations as a well-crafted (or even somewhat realistic-looking) phishing email can trick an employee into providing login credentials.
In our threat report covering data from January-June 2022, Abnormal Security found a 48% increase in email attacks over...
As a leader in insurance and asset management, this Fortune 200
company recognizes that its security must protect its employees and
customers from cyber attacks. Customers place their trust and their assets
in the control of this company, so the security team built a robust solution
reducing risk, gaining...
Invoice fraud. Payroll diversion. Gift card requests. Fraudulent wire transfers. Malicious attachments. These types of attacks have dominated the cybersecurity space for the past few years, as security leaders worldwide attempt to find ways to stop increasingly-sophisticated inbound threats.
But what about those...
With Microsoft offering a cost-effective and highly integrated security stack that covers endpoint, email, cloud, identity and more, many organizations are replacing their legacy tools with Microsoft’s advanced security stack and getting the most out of their Office 365 investment.
To fully unlock the power of E5,...
Whether for profit or in furtherance of Russian geopolitical interests - or both - former members of the Conti ransomware group have been targeting networks operated by the Ukrainian government and businesses, as well as European nonprofit organizations, Google's Threat Analysis Group reports.
CISO Marcin Szczepanik recalls when his team's budget was cut dramatically after the onset of the pandemic. He wanted to invest in the latest state-of-the-art tools but prioritized his costs and focused on email security - a move that improved the company's level of cyber maturity.
Why is business identity theft increasing, and what are the latest tactics fraudsters are using to scam businesses and gig workers? Eva Velasquez, CEO at the Identity Theft Resource Center, shares her views on how business identity theft has evolved over the years and how to prevent it.
Insurance market giant Lloyd's of London says that starting next year, its cyber insurance policies will no longer cover state-sponsored cyberattacks. But with attribution being inherently tricky, expect this move to be tested in court, says Jonathan Armstrong, a partner at Cordery law firm.
In the latest weekly update, four Information Security Media Group editors discuss key cybersecurity issues, including the high cost of BEC scams, a Cuba ransomware gang's attack on Montenegro, and why so many hacktivists couldn't overcome the technical ennui of the Russia-Ukraine cyberwar.
Ransomware gets the headlines, and phishing sets off the most alerts, but business email compromise costs enterprises the most - more than $43 billion since 2016. U.S. Secret Service agents Stephen Dougherty and Michael Johns discuss the criticality of rapid detection and response.
As more and more business is conducted digitally and online, the resiliency and adaptability of the business depend on reliable, scalable, secure, and cost-effective on-demand infrastructure. Autonomous governance uses policy-driven automation and predictive AI/ML decision support to dynamically align datacenter,...
Identity and access management giant Okta says some customer data was exposed by the "relentless phishing campaign" that breached Twilio, which it uses to provide some SMS services. Twilio says attackers accessed data for 163 customer organizations.
An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an email inbox scraping tool, proof of the group's dedication to developing and maintaining purpose-built capabilities. The tool spoofs the user agent to look like an outdated browser.