"Email security doesn't get the attention it deserves" because "phishing is not going away and is not getting any less," says Jess Burn, a senior analyst at Forrester. She shares best practices for phishing prevention.
The U.S. Federal Bureau of Investigation has issued a warning to consumers about cybercriminals targeting people through maliciously crafted quick response - or QR - codes that direct them to links where their credentials and financial information are siphoned off.
People are leaving their jobs in droves during "Great Resignation," and the cybersecurity industry is not immune to the trend. Mike Hamilton, the former CISO for the city of Seattle, warns organizations about the opportunities this presents for cybercriminals and outlines how employers can work to retain talent. "The...
A new Lazarus-linked APT threat known as BlueNoroff has emerged and is actively targeting cryptocurrency startups in a campaign called "SnatchCrypto." Research by Kaspersky found that more than 15 venture businesses and their employees have fallen victim to the nation-state threat actors.
Healthcare and public health sector entities must heed the warnings this week by federal authorities of Russian state-sponsored cyberthreats to critical infrastructure organizations, some experts say. Why are the stakes so high?
A healthcare technology vendor is notifying dozens of its healthcare provider clients of an email security breach affecting their patients' protected health information. Experts say the incident serves as the latest reminder of the risks business associates pose to sensitive healthcare data.
As ransomware attacks continue to pose a significant threat to enterprises and individuals, "We will keep banging the message that basic cyber hygiene makes a big difference to lots of people," says Andy Bates of the Global Cyber Alliance. He also discusses the alliance's top priorities for 2022.
Threat actors have attempted to steal two-factor authentication codes from users of Australian cryptocurrency exchange CoinSpot, researchers say. The codes would help attackers perform "potentially unauthorized withdrawals from individual accounts," say analysts at Cofense Phishing Defense Center.
DMARC, SPF, and DKIM are global anti-domain-spoofing standards, which can significantly cut down on phishing attacks. Implemented correctly they allow you to monitor email traffic, quarantine suspicious emails, and reject unauthorized emails. But less than 30% of organizations are actually using them. And even fewer...
The spyware of sanctioned Israeli firm NSO Group was reportedly detected on the smartphones of high-profile Polish figures associated with the nation's opposition party. And the spyware has also reportedly been tied to the phone of Hanan Elatr, wife of the late journalist Jamal Khashoggi.
A Kentucky-based medical specialty practice is notifying nearly 107,000 individuals that their information was potentially compromised in a recent email hack. Meanwhile, a Missouri medical center is still dealing with a phone and IT systems outage that started last week.
Cyber GRX senior director and CyberEdBoard executive member Peter Gregory discusses data everyone has that is an asset, but also a liability - your contact list - and how to decrease your chances of it turning toxic.
Ransomware is the fastest growing malware threat, but detection and response are both challenging. Too often, ransomware is seen as solely a technology or security issue even though it impacts the entire enterprise. Read this white paper to learn a four-phase, prudent approach to ransomware defense.
Ransomware attackers commonly bypass traditional email gateways,
targeting people directly to gain access to a company’s systems.
The answer? Replace these porous controls with a people-centric
security strategy, says Matt Cooke of Proofpoint.
Download this eBook to learn more about:
How ransomware attackers...