Many organizations face an upward battle when detecting and preventing fraud.
Consumers continue to migrate to digital channels and while organizations are
benefiting from this transition, it comes at a price. Where transactions occur, fraudsters follow, seeking out new vulnerabilities to exploit.
In this webinar,...
Email is the number one threat vector for ransomware. But the solution to ransomware is not simply blocking malware in an attachment. Attackers have pivoted to using email as the first step to gain access, which will ultimately allow them to deploy their ransomware or broker the access to someone who will.
Join...
Are data breaches getting worse? So far for 2021, the number of records that were reportedly exposed declined slightly, while the total number of reported data breaches increased both in the U.S. and globally.
According to a new threat report from Expel, business email compromise should now be viewed as "public enemy #1." Jonathan Hencinski of Expel is joined by Theodore Peterson of Datasite to support that claim and discuss how best to strategize against these schemes.
Business email compromise (BEC), also known as email fraud, is one of cybersecurity’s costliest and least understood threats. As BEC schemes have evolved, industry nomenclature has outlived its usefulness. Without a framework to describe and break down BEC attacks—let alone conceptualize them—researching and...
Researchers report that because of increased use of multifactor authentication, attackers are developing phishing kits that steal tokens and bypass this trusted layer of security, enabling them to "man in the middle" a browser session and steal credentials and session cookies in real time.
We thought it was bad enough when traditional ransomware started to steal data in its second generation of evolution, now dubbed "double extortion". The third stage of ransomware is beginning to happen now and will make us wish for the good, old days of Ransomware 2.0.
Attend this presentation to learn how...
In 2021, there were 1,862 data compromises - a 68% increase over 2020, according to the Identity Theft Resource Center's Annual Data Breach Report. "In this past year, there were more cyberattack-related data breaches than there were all forms of data breaches in 2020," says ITRC COO James E. Lee.
North Korean advanced persistent threat group Lazarus - an entity sanctioned by the U.S. and the United Nations - has emerged with a fresh spear-phishing campaign that exploits Windows Updates to execute a malicious payload, using GitHub as a command-and-control server.
"Email security doesn't get the attention it deserves" because "phishing is not going away and is not getting any less," says Jess Burn, a senior analyst at Forrester. She shares best practices for phishing prevention.
While SEGs (Secure Email Gateways) may claim to protect emails from all possible threats, they unwittingly send infected emails to users, just waiting for them to act. Since the invention of email, phishing has evolved continuously, and hackers have been finding
new ways to infiltrate users’ inboxes and trick...
As ransomware attacks continue to pose a significant threat to enterprises and individuals, "We will keep banging the message that basic cyber hygiene makes a big difference to lots of people," says Andy Bates of the Global Cyber Alliance. He also discusses the alliance's top priorities for 2022.
Threat actors have attempted to steal two-factor authentication codes from users of Australian cryptocurrency exchange CoinSpot, researchers say. The codes would help attackers perform "potentially unauthorized withdrawals from individual accounts," say analysts at Cofense Phishing Defense Center.
Phishing is one of the most well-known cyberattack methods, but hackers still have considerable success despite security teams' best efforts. Attackers use phishing attacks to gain access to login credentials, financial information like credit card details or bank accounts, company data, and any other digital assets...
DMARC, SPF, and DKIM are global anti-domain-spoofing standards, which can significantly cut down on phishing attacks. Implemented correctly they allow you to monitor email traffic, quarantine suspicious emails, and reject unauthorized emails. But less than 30% of organizations are actually using them. And even fewer...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.