Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Managing data breach reputation damage

Data breaches are a costly and time-consuming problem for businesses in today's digital age and no organization, regardless of industry or size, is immune. Cyberattacks can impact the security of proprietary information, halt operations, and compromise private customer data. This guide explains how to respond to data breaches and protect your reputation and discusses the costs of data breach reputation damage.

Lessons from the Human Risk Summit with Nadine Michaelides and Jinan Budge

Following the release of the Phishing Threat Trends Report, we recently hosted the Human Risk Summit, a coming together of some of the biggest names in the industry to discuss the human element and the role it plays in cybersecurity. In this post, we’ll recap some of the themes, statistics, and insights from two of our speakers – Nadine Michaelides of University College London and Jinan Budge of Forrester.

Lessons from the Human Risk Summit with Chris Novak and Perry Carpenter

Following the release of the Phishing Threat Trends Report, we recently hosted the Human Risk Summit, a coming together of some of the biggest names in the industry to discuss the human element and the role it plays in cybersecurity. In this post, we’ll recap some of the themes, statistics, and insights from two of our speakers – Chris Novak of Verizon and Perry Carpenter from KnowBe4.

Insights from our 2023 Phishing Threat Trends Report

Cybercriminals never take a day off, and nor should your email protection. The online threat landscape is constantly evolving, and our Threat Intelligence team has unearthed some incredibly sophisticated threats over the last 10 months. To help equip you in the fight against phishing attacks, such as business email compromise, we published the Phishing Threat Trends Report, which outlines and explains the most common threats we’ve seen so far in 2023.

Egress Partners with Unique Security 4 Security (S4S) Event

Aimed at disrupting the market and providing 'real-world' conversations, S4S brings CISOs and senior cybersecurity professionals together to build a community to better combat cybercrime. Egress CEO, Tony Pepper, sits on the S4S Steering Committee Board and is delivering one of the key workshops at the event and will be an active participant in the community going forward.

Cybercriminals hijack this Microsoft 365 log-in feature as part of brand impersonation attacks that harvest users' credentials

On March 15th, 2023, a new feature released from Microsoft enabled organizations with a paid subscription to Microsoft 365 for business, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services, to add company branding to their Microsoft 365 sign-in page via Azure Active Directory. This update is often recommended to improve both user experience and security by providing assurance the individual is logging in via the legitimate page for their company.

Cybercriminals don't take holidays: How bad actors use this two-step phishing campaign to weaponize out-of-office replies

The Egress Threat Intelligence team has detected an 83.6% increase in scouting phishing emails between May 1st – June 30, 2023, compared with March 1st – April 30th, 2023. These emails aim to identify organizations’ and individuals’ personal time off (PTO) patterns or other absences from work through the automatic out-of-office responses they receive. The scouting attacks were sent from multiple spoofed email addresses from servers located in Russia and Japan.

It's time to adapt: Why we've chosen to implement an adaptive security architecture in Egress Intelligent Email Security

Almost every organization freely admits that people are the biggest risk to its security. This year’s Data Breach Investigations Report by Verizon highlights that 74% of incidents involved the human element. People are a ‘soft’ target for cybercriminals. Networks and software can only be exploited if pre-existing vulnerabilities are discovered and hacked before they’re patched. People, however, can be engineered into creating vulnerability at any time.

What to do if you've been phished

Every employee in an organization has access to email, creating a vulnerability that cybercriminals seek to exploit through phishing attacks. There are many different types of phishing attacks that bad actors use to achieve their goals, and it is important to have the right processes and security solutions in place to prevent employees from falling victim.

What is fat finger error and how to prevent it

A fat finger error is a keyboard input mistake that results in the wrong information being transmitted. The term originated in financial trading markets and is now used more broadly in the security industry to describe data breaches that are caused by human error, particularly when the breach is attributed to mistyped information, like an email address. There are few people who have not experienced the sinking feeling caused by making a fat finger error.