Image-based phishing tactics evolve 2024-03-12 at 06:00 By Help Net Security While 70% of organizations feel their current security stacks are effective against image-based and QR code phishing attacks, 76% were still compromised in the last 12 months, according to IRONSCALES and Osterman Research. IT pros are highly aware of emerging types of phishing attacks […]
React to this headline:
Image-based phishing tactics evolve Read More »
Email security trends in the energy and infrastructure sector 2024-03-11 at 09:07 By Help Net Security In this Help Net Security video, Mike Britton, CISO at Abnormal Security, discusses how energy and infrastructure organizations face an increased risk of business email compromise and vendor email compromise attacks. According to Abnormal Security data, from February 2023
React to this headline:
Email security trends in the energy and infrastructure sector Read More »
Cybercriminals Spoof US Government Organizations in BEC, Phishing Attacks 2024-03-07 at 16:40 By Ionut Arghire Threat actor tracked as TA4903 spoofing US government entities in phishing and fraud campaigns. The post Cybercriminals Spoof US Government Organizations in BEC, Phishing Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original
React to this headline:
Cybercriminals Spoof US Government Organizations in BEC, Phishing Attacks Read More »
Discount Retail Giant Pepco Loses €15 Million to Cybercriminals 2024-02-29 at 17:46 By Eduard Kovacs European discount retailer Pepco has lost €15.5 million as a result of what it described as a phishing attack. The post Discount Retail Giant Pepco Loses €15 Million to Cybercriminals appeared first on SecurityWeek. This article is an excerpt from
React to this headline:
Discount Retail Giant Pepco Loses €15 Million to Cybercriminals Read More »
Domains Once Owned by Major Firms Help Millions of Spam Emails Bypass Security 2024-02-27 at 16:46 By Eduard Kovacs 8,800 domains, many once owned by major companies, have been abused to get millions of emails past spam filters as part of SubdoMailing campaign. The post Domains Once Owned by Major Firms Help Millions of Spam
React to this headline:
Domains Once Owned by Major Firms Help Millions of Spam Emails Bypass Security Read More »
CISA Warns of Roundcube Webmail Vulnerability Exploitation 2024-02-13 at 13:31 By Eduard Kovacs CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog. The post CISA Warns of Roundcube Webmail Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to
React to this headline:
CISA Warns of Roundcube Webmail Vulnerability Exploitation Read More »
Protecting against AI-enhanced email threats 2024-02-13 at 07:31 By Helga Labus Generative AI based on large language models (LLMs) has become a valuable tool for individuals and businesses, but also cybercriminals. Its ability to process large amounts of data and quickly generate results has contributed to its widespread adoption. AI in the hands of cybercriminals
React to this headline:
Protecting against AI-enhanced email threats Read More »
HPE Says Russian Government Hackers Had Access to Emails for 6 Months 2024-01-25 at 12:16 By Eduard Kovacs HPE told the SEC that Russian state-sponsored threat group Midnight Blizzard had access to an email system for several months. The post HPE Says Russian Government Hackers Had Access to Emails for 6 Months appeared first on
React to this headline:
HPE Says Russian Government Hackers Had Access to Emails for 6 Months Read More »
Organizations need to switch gears in their approach to email security 2024-01-23 at 06:02 By Help Net Security Email security risks remain high with 94% of organizations experiencing incidents in the past 12 months, according to Egress. Inbound email incidents primarily took the form of malicious URLs, attacks sent from a compromised account, and malware
React to this headline:
Organizations need to switch gears in their approach to email security Read More »
Flipping the BEC funnel: Phishing in the age of GenAI 2024-01-15 at 08:02 By Help Net Security For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the
React to this headline:
Flipping the BEC funnel: Phishing in the age of GenAI Read More »
Social engineer reveals effective tricks for real-world intrusions 2024-01-08 at 08:31 By Mirko Zorz In this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods for gathering target information. Street explores the overlooked threat of physical security and the human tendency to
React to this headline:
Social engineer reveals effective tricks for real-world intrusions Read More »
Uncovering the hidden dangers of email-based attacks 2024-01-08 at 06:01 By Help Net Security Email-based attacks have evolved beyond traditional spam and phishing attempts. Cybercriminals now employ sophisticated tactics such as spear-phishing, whaling, and business email compromise (BEC), posing a significant threat to businesses of all sizes. Email attacks can result in financial losses, reputational
React to this headline:
Uncovering the hidden dangers of email-based attacks Read More »
Mimecast Acquires User Education Startup Elevate Security 2024-01-04 at 20:17 By Ryan Naraine Elevate Security raised $18.3 million in venture capital financing and scored investments from the likes of Cisco and CrowdStrike. The post Mimecast Acquires User Education Startup Elevate Security appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View
React to this headline:
Mimecast Acquires User Education Startup Elevate Security Read More »
Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day 2023-12-27 at 13:16 By Eduard Kovacs Chinese hackers exploited a zero-day tracked as CVE-2023-7102 to deliver malware to Barracuda Email Security Gateway (ESG) appliances. The post Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day appeared first on SecurityWeek. This
React to this headline:
Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day Read More »
SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols 18/12/2023 at 17:16 By Eduard Kovacs A new attack technique named SMTP Smuggling can allow malicious actors to send out spoofed emails that bypass authentication mechanisms. The post SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols appeared first on SecurityWeek. This article is an excerpt
React to this headline:
SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols Read More »
CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation 08/12/2023 at 00:48 By Ryan Naraine The US cybersecurity agency calls attention to a Russian APT targeting academia, defense, governmental organizations, NGOs and think-tanks. The post CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation appeared first on SecurityWeek. This article is an excerpt
React to this headline:
CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation Read More »
Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection 30/11/2023 at 14:16 By Eduard Kovacs Google shows how RETVec, a new and open source text vectorizer, can improve the detection of phishing attacks, spam and other harmful content. The post Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection appeared first on SecurityWeek.
React to this headline:
Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection Read More »
Google Will Start Deleting ‘Inactive’ Accounts in December. Here’s What You Need to Know 29/11/2023 at 15:02 By Associated Press The easiest way to keep your Google account active (and thus prevent it from being deleted) is to sign in at least once every two years. The post Google Will Start Deleting ‘Inactive’ Accounts in
React to this headline:
Google Will Start Deleting ‘Inactive’ Accounts in December. Here’s What You Need to Know Read More »
Zimbra Zero-Day Exploited to Hack Government Emails 16/11/2023 at 19:46 By Eduard Kovacs Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails. The post Zimbra Zero-Day Exploited to Hack Government Emails appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View
React to this headline:
Zimbra Zero-Day Exploited to Hack Government Emails Read More »
How cybercriminals adapt and thrive amidst changing consumer trends 03/11/2023 at 08:36 By Help Net Security The email threat landscape is experiencing a profound transformation, adapting to new challenges and exploiting emerging vulnerabilities with speed and sophistication. In this Help Net Security video, Usman Choudhary, CPTO at VIPRE Security Group, discusses how cybercriminals modify their
React to this headline:
How cybercriminals adapt and thrive amidst changing consumer trends Read More »