Anti-Phishing, DMARC

Webinar

Live Webinar | The Post-Pandemic New Normal: Rethink and Rebuild Cyber Security (11 am AEST I 1 pm NZST)

Jinan Budge, Principal Analyst Serving Security & Risk Professionals, Forrester , Ashwin Pal, Director of Cybersecurity Services, Asia Pacific, Unisys , Gergana Winzer, Industry Director of Cybersecurity, Australia and New Zealand, Unisys • June 25, 2020

The COVID-19 pandemic has put new security pressures on organizations, which are adapting to having large numbers of employees working from home. The threat landscape has changed, and attackers are looking to exploit weaknesses in how organizations have changed access to applications and data assets, which has forced...

Article

Separate Phishing Attacks Target Wells Fargo, BofA Customers

Akshaya Asokan • June 20, 2020

Researchers at two security firms are tracking separate phishing campaigns that are targeting customers of Wells Fargo and Bank of America, according to reports. In each case, the fraudsters are attempting to steal users' credentials using various methods and lures.

Article

Gamaredon Group Using Fresh Tools to Target Outlook

Akshaya Asokan • June 13, 2020

The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact lists, according to security firm ESET. This hacking group, which appears to have ties to Russia, has primarily targeted Ukraine for years.

Article

Phishing Attack Targeted German COVID-19 Task Force Firm

Ishita Chigilli Palli • June 9, 2020

An ongoing phishing campaign has targeted top officials at a German multinational company tasked with procuring personal protective equipment during the COVID-19 pandemic, according to IBM. While it's not clear if these attacks were successful, they contain the hallmarks of a nation-state group.

Article

Phishing Attacks Traced to Indian Commercial Espionage Firm

Mathew J. Schwartz • June 9, 2020

Surveillance researchers at Citizen Lab have tied thousands of "Dark Basin" corporate espionage phishing attacks to a small Indian cybersecurity firm called BellTroX InfoTech Services. It's led by Sumit Gupta, who was indicted by the U.S. in 2015 for criminal hacking on behalf of private investigators.

Article

Latest Phishing Campaign Spoofs Microsoft Teams Messages

Akshaya Asokan • May 2, 2020

A recently uncovered phishing campaign is spoofing notifications from Microsoft's Teams collaboration platform in order to harvest Office 365 credentials from employees working from home offices because of the COVID-19 pandemic, according to research from Abnormal Security.

Article

Phishing Campaigns Target Senior Executives via Office 365

Mathew J. Schwartz • May 1, 2020

A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. The campaign, which targets Office 365 users, appears to trace to attackers operating from Nigeria and South Africa.

Interview

Role of Deception in the 'New Normal'

Tom Field • April 6, 2020

As global enterprises get their arms around supporting and securing a near-total remote workforce, their digital adversaries are adapting - and so is the role of deception technology. Carolyn Crandall of Attivo Networks discusses how deception can help mitigate new risks.

Article

Spear-Phishing Campaign Uses COVID-19 to Spread LokiBot

Akshaya Asokan • April 4, 2020

A recently uncovered spear-phishing campaign is using fears of the COVID-19 pandemic to spread an information stealer called LokiBot. FortiGuard Labs researchers find that cybercriminals are once again using World Health Organization images as a lure.

Interview

Analysis: The Path Back to Business as Usual After COVID-19

Nick Holland • April 3, 2020

The latest edition of the ISMG Security Report offers an analysis of the phases businesses will go through in the recovery from the COVID-19 pandemic, plus an assessment of new risks resulting from the work-at-home shift and lessons learned from the Equifax breach.

Webinar

Live Webinar | Online Brand Spoofing - How to Stop it Before it Hurts

Dirk Jan Koekkoek , Elad Schulman • March 30, 2020

If you conduct business online, provide your customers and partners with secure web-access to your systems, or just have a brand worth spoofing, it is very likely your brand is already being exploited via email or the web. This attack technique has gone well beyond the big internet brands like Microsoft, ebay, and...

Interview

Analysis: COVID-19 as a Cybercrime Opportunity

Nick Holland • March 20, 2020

The latest edition of the ISMG Security Report analyzes how cybercriminals are exploiting the COVID-19 pandemic. Also featured: A discussion of potential 2020 election changes; tips for staying secure in a remote workplace.

►

Article

Phishing's Impact on the Federal Government

Tom Field • March 19, 2020

Federal government agencies certainly are not immune from phishing scams, and Aaron Higbee of Cofense is focused on tackling the unique challenges that government faces in detecting and stopping the crimes.

Whitepaper

5 Reasons to Streamline Healthcare Accounts Payable Today

March 19, 2020

Healthcare executives face tremendous pressure to provide quality care to patients, streamline registration experiences, and comply with data privacy regulations - all while being tasked with increasing operational efficiencies and decreasing costs. These pressures land heavily on Accounts Payable (AP) departments...

Article

Cybersecurity Sector Faces Reckoning After Coronavirus Hits

Scott Ferguson • March 10, 2020

Wall Street has been hit by the twin threats of the new coronavirus as well as oil prices plummeting, with the Dow dropping 2,000 points on Monday for its worst day in 12 years. Amidst fears that a recession could tank the global economy, some experts still see upsides for the cybersecurity sector.