Email Security
Email Security | News, how-tos, features, reviews, and videos
Three-quarters of businesses braced for ‘serious’ email attack this year
Use of email is rising, leading to more email-based threats with increasing attack sophistication a top concern for IT security leaders.
Almost half of customers have left a vendor due to poor digital trust: Report
New research from DigiCert has found that digital trust is a key driver of customer loyalty, with 84% of customers saying they would consider leaving a vendor that did not manage digital trust.
Global 2000 companies failing to adopt key domain security measures
Lookalike domains are targeting Forbes Global 2000 brands to launch phishing attacks and other forms of digital brand abuse/IP infringement.
Attackers switch to self-extracting password-protected archives to distribute email malware
This variation on an old technique does not require the victim to provide a password to execute the malware.
Sophisticated BEC scammers bypass Microsoft 365 multi-factor authentication
Analysis of the BEC campaign reveal weaknesses in Microsoft's authentication system.
Why business email compromise still tops ransomware for total losses
Losses from business email compromise (BEC) scams are about 50 times greater than those caused by ransomware. Here's why BEC is favored by cybercriminals.
Ransomware, email compromise are top security threats, but deepfakes increase
While ransomware and business email compromise are leading causes of cybersecurity threats, geopolitics and deepfakes play an increasing role, according to reports from VMware and Palo Alto.
How Salvation Army Australia’s CISO moved away from ‘extreme risk’
The Salvation Army Australia had started its move towards cyberresilience before hiring Lachlan McGill, which helped him make cybersecurity and SOC investments a dialogue, not a plea.
Attacks using Office macros decline in wake of Microsoft action
Researchers see 66% decline in attacks over eight months since Microsoft turned off macros by default.
Office 365 phishing campaign that can bypass MFA targets 10,000 organizations
The phishing web pages that this adversary-in-the-middle phishing campaign uses act as a proxy and pull content from the legitimate Office 365 login page.
Cisco reports vulnerabilities in products including email and web manager
New vulnerabilities found in Cisco internal testing allow remote access and scripting that could lead to the loss of sensitive user data.
A formula for measuring real-world email security efficacy
You have the data needed to assess the efficacy of your email security tools. Here's how to use it.
Microsoft help files repurposed to contain Vidar malware in new campaign
A new email malware campaign hides a malicious payload in what appears to be a Microsoft Compiled HTML Help file.
Cloudflare unveils email security tools, free WAF ruleset, and API gateway
Cloudflare has announced a slew of new products, including a suite of email security tools for phishing and malware detection, a free WAF ruleset and a machine-learning powered API gateway.
INTERPOL and Nigerian Police bust business email compromise ring, arrest 11
Operation Falcon II focused on malware skills and knowledge to track suspects thought to be members of the SilverTerrier BEC network that has harmed thousands of companies globally.
9 cloud and on-premises email security suites compared
These email security suites have evolved to keep pace with email-enabled threats.
Microsoft Exchange Emergency Mitigation: What admins need to know
The Emergency Mitigation service adds protections to Exchange Server in the wake of recent zero-day compromises.
4 steps to protect the C-suite from business email compromise attacks
Preventing top executives from becoming BEC victims requires a different approach. Putting the risk in business terms is key.