Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Email Security

knowbe4

Phishing Attacks Are Abusing Legitimate Services to Avoid Detection

Oct 18, 2024 By Stu Sjouwerman In KnowBe4
Microsoft warns that threat actors are abusing legitimate file-hosting services to launch phishing attacks. These attacks are more likely to bypass security filters and appear more convincing to employees who frequently use these services. “Legitimate hosting services, such as SharePoint, OneDrive, and Dropbox, are widely used by organizations for storing, sharing, and collaborating on files,” Microsoft says.
Read Post
Egress

24 takeaways from the Human Risk Summit 2024

Oct 18, 2024 By Egress In Egress
The Human Risk Summit has concluded for another year, showcasing an exciting new theme focused on the personalization of security. This year’s discussions highlighted the importance of tailoring security measures to individual needs, with a strong focus on AI, social engineering tactics, and actionable steps organizations can take to strengthen their security strategy.
Read Post
spambrella

What Is Payloadless Malware?

Oct 16, 2024 By Spambrella In Spambrella
This malicious tactic enables cybercriminals to sneak into an organization’s email network or other systems without the payloads typically associated with harmful software. The payloadless method leverages harder-to-detect malware delivery techniques and psychological manipulation to execute attacks. It reflects the ingenuity of threat actors and emphasizes the need for organizations to never stop revamping their security strategies.
Read Post
knowbe4

The Number of Malicious Emails Reaching Inboxes Is Declining

Oct 16, 2024 By Stu Sjouwerman In KnowBe4
New research shows that less malicious emails are getting past security scanners to the inbox, but also provides details about how phishing emails are becoming increasingly dangerous. So much of our training is centered around elevating the employee’s state of cyber awareness so that when they do come across that sketchy email or that too good to be true web page, they know better. But it’s only one part of a larger cybersecurity effort within an organization.
Read Post
tripwire

Analyzing the Latest APWG Phishing Activity Trends Report: Key Findings and Insights

Oct 14, 2024 By Kirsten Doyle In Tripwire
In the second quarter of 2024, 877,536 phishing attacks were reported, a marked decrease from the 963,994 attacks reported in the first quarter of the same year. However, this might not be a reason to celebrate just yet, as this reduction might be due to the fact that email providers have made it increasingly difficult for users to report phishing attempts.
Read Post
knowbe4

"Operation Kaerb" Takes Down Sophisticated Phishing-as-a-Service Platform "iServer"

Oct 14, 2024 By Stu Sjouwerman In KnowBe4
A partnering of European and Latin American law enforcement agencies took down the group behind the mobile phone credential theft of 483,000 victims. Someone steals a physical mobile phone and they need to unlock it. But to do so, you need the Apple ID or Google account of the phone’s owner. So, where do you go? Well, it used to be iServer – an automated phishing-as-a-service platform that could harvest credentials to unlock the stolen phones.
Read Post
securitysenses

Top Free Crucial Tools for Maintaining Privacy In Online Reviews

Oct 14, 2024 By SecuritySenses In SecuritySenses
Your online reputation matters, right? With everyone sharing opinions about everything, keeping your privacy intact while dealing with reviews is crucial. Think about it - do you really want all your personal data floating around with every click? There are tools out there that help keep things under wraps. You might be surprised at what's available. Let's explore the five must-have tools to ensure you stay private while still hearing what people have to say about their experiences.
Read Post
memcyco

The Mobile Phishing Boom and How to Avoid It

Oct 11, 2024 By Arthur Zavalkovsky In Memcyco
As mobile technology becomes integral to day-to-day life, fraudsters are refining phishing techniques to exploit vulnerabilities in mobile browsing. According to Zimperium’s 2024 zLabs Global Mobile Threat report, 82% of phishing sites specifically targeted mobile devices in 2023. To protect customer data, enterprises need to counter-adapt.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.