Communications Security
Communications Security | News, how-tos, features, reviews, and videos
Global 2000 companies failing to adopt key domain security measures
Lookalike domains are targeting Forbes Global 2000 brands to launch phishing attacks and other forms of digital brand abuse/IP infringement.
Attackers switch to self-extracting password-protected archives to distribute email malware
This variation on an old technique does not require the victim to provide a password to execute the malware.
Sophisticated BEC scammers bypass Microsoft 365 multi-factor authentication
Analysis of the BEC campaign reveal weaknesses in Microsoft's authentication system.
Why business email compromise still tops ransomware for total losses
Losses from business email compromise (BEC) scams are about 50 times greater than those caused by ransomware. Here's why BEC is favored by cybercriminals.
Top 5 security risks of Open RAN
Open RAN enables interoperability among hardware, software, and interfaces used in cellular networks but also changes their attack surface.
Ransomware, email compromise are top security threats, but deepfakes increase
While ransomware and business email compromise are leading causes of cybersecurity threats, geopolitics and deepfakes play an increasing role, according to reports from VMware and Palo Alto.
How Salvation Army Australia’s CISO moved away from ‘extreme risk’
The Salvation Army Australia had started its move towards cyberresilience before hiring Lachlan McGill, which helped him make cybersecurity and SOC investments a dialogue, not a plea.
5 best practices for secure collaboration
How successful companies are facing the challenges of securing emerging communication technologies.
Attacks using Office macros decline in wake of Microsoft action
Researchers see 66% decline in attacks over eight months since Microsoft turned off macros by default.
Office 365 phishing campaign that can bypass MFA targets 10,000 organizations
The phishing web pages that this adversary-in-the-middle phishing campaign uses act as a proxy and pull content from the legitimate Office 365 login page.
Cisco reports vulnerabilities in products including email and web manager
New vulnerabilities found in Cisco internal testing allow remote access and scripting that could lead to the loss of sensitive user data.
U.S. government proposals spell out 5G security advancements
A joint proposal from federal cybersecurity and defense agencies defines a process for ensuring the security of 5G networks.
A formula for measuring real-world email security efficacy
You have the data needed to assess the efficacy of your email security tools. Here's how to use it.
Microsoft help files repurposed to contain Vidar malware in new campaign
A new email malware campaign hides a malicious payload in what appears to be a Microsoft Compiled HTML Help file.
Cloudflare unveils email security tools, free WAF ruleset, and API gateway
Cloudflare has announced a slew of new products, including a suite of email security tools for phishing and malware detection, a free WAF ruleset and a machine-learning powered API gateway.
INTERPOL and Nigerian Police bust business email compromise ring, arrest 11
Operation Falcon II focused on malware skills and knowledge to track suspects thought to be members of the SilverTerrier BEC network that has harmed thousands of companies globally.
CISOs, what's in your travel security program?
It's time to review (or create) your travel security program now that more people are traveling for work and pleasure. Here's what it should include.
