Threat actors are running a series of campaigns spoofing several departments of the United States government.
The emails claim to request bids for government projects but lead victims to credential phishing pages instead.
These campaigns have been ongoing since at least mid-2019 and were first covered in our Flash...
Jamf plans to buy startup ZecOps to extend its ability to detect and respond to sophisticated threats across Mac, iOS and Android devices. Jamf's proposed acquisition will provide threat hunting tools to determine if any advanced attacks have compromised mobile devices.
The reality of remote work has made it abundantly clear that past and present technologies designed to protect humans and sensitive data are not working as expected. It's time for a new approach to cybersecurity awareness training to mobilize end users as the last line of defense (human firewall) and enable them to...
Vista Equity Partners has joined Thoma Bravo in the take-private cybersecurity spree, offering to buy security awareness training behemoth KnowBe4 at a $4.22 billion valuation. KnowBe4 says it has received a nonbinding offer from Vista of $24 per share for the shares not currently owned by Vista.
If you receive a sextortion email at work, how did the criminals find you? Do they really have embarrassing videos, your browsing history, or password? Cofense can shed some light on this dark corner of the web. After all, we’ve been monitoring the largest confirmed dump of email addresses used for sextortion to...
Get out of your comfort zone and embrace the truth about phishing defense and today’s rapidly changing threat landscape. When over 90% of breaches start as phishing emails—threats that email gateways miss and other defenses are slow to stop—you need to stare the truth in the eye and rethink your approach.
...
See how one company stopped an attack in 19 minutes! Imagine a cunning phisher: he knows his craft and sends your users an email appearing to come from your CEO that bypasses all your other technology. What would you do? A Cofense customer faced that very scenario and relied on Cofense to analyze, respond to, and...
Credential phishing attacks represent a huge threat to organizations as a well-crafted (or even somewhat realistic-looking) phishing email can trick an employee into providing login credentials.
In our threat report covering data from January-June 2022, Abnormal Security found a 48% increase in email attacks over...
The latest ISMG Security Report discusses a new phishing-as-a-service toolkit designed to bypass multifactor authentication, the decision by Lloyd's of London to exclude nation-state attacks from cyber insurance policies, and challenges at Okta after it acquired customer identity giant Auth0.
Not all forms of MFA are created equal—at protecting against cyberattacks, in terms of the friction created for end users or IT support teams, or the ability to seamlessly work with the technology stack.
Download the Yubico white paper; Graduating from Legacy MFA to Modern Authentication to learn about:
...
Despite the growing tide and sophistication of cyber attacks, many organizations continue to rely on legacy authentication methods such as usernames and passwords and mobile-based authentication, to secure access to critical and sensitive applications and data.
While any form of multi-factor authentication...
In today’s connected world, securing web applications and APIs from a wide range of threats — from web app business logic attacks and API abuse to bots — is critical for business success. However, securing digital properties amid cloud journeys, modern DevOps practices, and constantly changing applications and...
The SANS 2022 Security Awareness Report™ analyzes data provided by more than a thousand security awareness professionals from around the world to identify and benchmark how organizations are managing their human risk.
Download this report to discover actionable steps and resources to enable organizations at any...
Fastmail's customers utilize its platform specifically to get away from Google's user tracking and privacy invasion practices.
To meet the needs and expectations of its customers, Fastmail wanted to implement a privacy-centric bot management solution to effectively safeguard new account creations, recoveries, and...
Digital identities a – particularly the TLS certificates throughout your organization – are used by
machines to authenticate machine-to-machine communications. But they also protect machines
through consistent, trusted encryption.
When these machine identities fail, organizations experience outages. Even...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
