Anti-Phishing, DMARC

Webinar

Live Webinar | The Post-Pandemic New Normal: Rethink and Rebuild Cyber Security (11 am AEST I 1 pm NZST)

Jinan Budge, Principal Analyst Serving Security & Risk Professionals, Forrester , Ashwin Pal, Director of Cybersecurity Services, Asia Pacific, Unisys , Gergana Winzer, Industry Director of Cybersecurity, Australia and New Zealand, Unisys • June 25, 2020

The COVID-19 pandemic has put new security pressures on organizations, which are adapting to having large numbers of employees working from home. The threat landscape has changed, and attackers are looking to exploit weaknesses in how organizations have changed access to applications and data assets, which has forced...

Article

Separate Phishing Attacks Target Wells Fargo, BofA Customers

Akshaya Asokan • June 20, 2020

Researchers at two security firms are tracking separate phishing campaigns that are targeting customers of Wells Fargo and Bank of America, according to reports. In each case, the fraudsters are attempting to steal users' credentials using various methods and lures.

Webinar

Live Webinar | Your Brand is Being Used as Bait - You Just Don't Know It Yet

Dirk Jan Koekkoek , Danielle Papadakis • June 15, 2020

Without ever confronting an organization's email perimeter, it's easy for cybercriminals to impersonate a brand on the internet. Even unsophisticated attackers can spoof your email domain or host a fake website designed to trick customers, suppliers and employees. Join us to learn about the tactics cybercriminals are...

Article

Gamaredon Group Using Fresh Tools to Target Outlook

Akshaya Asokan • June 13, 2020

The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact lists, according to security firm ESET. This hacking group, which appears to have ties to Russia, has primarily targeted Ukraine for years.

Article

Phishing Attacks Traced to Indian Commercial Espionage Firm

Mathew J. Schwartz • June 9, 2020

Surveillance researchers at Citizen Lab have tied thousands of "Dark Basin" corporate espionage phishing attacks to a small Indian cybersecurity firm called BellTroX InfoTech Services. It's led by Sumit Gupta, who was indicted by the U.S. in 2015 for criminal hacking on behalf of private investigators.

Article

Phishing Campaigns Target Senior Executives via Office 365

Mathew J. Schwartz • May 1, 2020

A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. The campaign, which targets Office 365 users, appears to trace to attackers operating from Nigeria and South Africa.

Interview

Role of Deception in the 'New Normal'

Tom Field • April 6, 2020

As global enterprises get their arms around supporting and securing a near-total remote workforce, their digital adversaries are adapting - and so is the role of deception technology. Carolyn Crandall of Attivo Networks discusses how deception can help mitigate new risks.

Article

Spear-Phishing Campaign Uses COVID-19 to Spread LokiBot

Akshaya Asokan • April 4, 2020

A recently uncovered spear-phishing campaign is using fears of the COVID-19 pandemic to spread an information stealer called LokiBot. FortiGuard Labs researchers find that cybercriminals are once again using World Health Organization images as a lure.

Interview

Analysis: The Path Back to Business as Usual After COVID-19

Nick Holland • April 3, 2020

The latest edition of the ISMG Security Report offers an analysis of the phases businesses will go through in the recovery from the COVID-19 pandemic, plus an assessment of new risks resulting from the work-at-home shift and lessons learned from the Equifax breach.

Webinar

Live Webinar | Online Brand Spoofing - How to Stop it Before it Hurts

Dirk Jan Koekkoek , Elad Schulman • March 30, 2020

If you conduct business online, provide your customers and partners with secure web-access to your systems, or just have a brand worth spoofing, it is very likely your brand is already being exploited via email or the web. This attack technique has gone well beyond the big internet brands like Microsoft, ebay, and...

Interview

Analysis: COVID-19 as a Cybercrime Opportunity

Nick Holland • March 20, 2020

The latest edition of the ISMG Security Report analyzes how cybercriminals are exploiting the COVID-19 pandemic. Also featured: A discussion of potential 2020 election changes; tips for staying secure in a remote workplace.

►

Article

Phishing's Impact on the Federal Government

Tom Field • March 19, 2020

Federal government agencies certainly are not immune from phishing scams, and Aaron Higbee of Cofense is focused on tackling the unique challenges that government faces in detecting and stopping the crimes.

Article

Cybersecurity Sector Faces Reckoning After Coronavirus Hits

Scott Ferguson • March 10, 2020

Wall Street has been hit by the twin threats of the new coronavirus as well as oil prices plummeting, with the Dow dropping 2,000 points on Monday for its worst day in 12 years. Amidst fears that a recession could tank the global economy, some experts still see upsides for the cybersecurity sector.

Whitepaper

How to Fight Phishing, Ransomware and Malware in 2020

March 6, 2020

The rapidly evolving threat environment requires a multilayered protection strategy - one that closes the technical and human gaps - for every organization to maximize its cybersecurity performance and minimize the risk of falling victim to sophisticated attacks, including phishing, malware and ransomware which can...

Article

Emotet Malware Alert Sounded by US Cybersecurity Agency

Mathew J. Schwartz • January 23, 2020

Emotet malware alert: The U.S. Cybersecurity and Infrastructure Security Agency says it's been "tracking a spike" in targeted Emotet malware attacks. It urges all organizations to immediately put in place defenses to not just avoid infection, but also detect lateral movement in their networks by hackers.