Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Email Security

Trustwave

Phishing and Ransomware: How Threat Actors Attack the Financial Services Sector

Sep 4, 2024 By Trustwave In Trustwave
Trustwave SpiderLabs is prepped to launch its newest threat intelligence research, the 2024 Trustwave Risk Radar Report: Financial Services Sector. The upcoming report, which is set to be released on September 10, promises to be an indispensable resource for cybersecurity professionals. This comprehensive report not only sheds light on the modus operandi of a dominant ransomware gang but also delves into the persistent use of phishing and brute-force attacks to compromise credentials.
Read Post
knowbe4

Threat Actors Abuse Microsoft Sway to Launch QR Code Phishing Attacks

Aug 30, 2024 By Stu Sjouwerman In KnowBe4
Researchers at Netskope last month observed a 2000-fold increase in traffic to phishing pages delivered through Microsoft Sway. The phishing attacks are targeting organizations in the technology, manufacturing, and finance sectors in Asia and North America. Most of these attacks involved QR code phishing (quishing) to trick victims into visiting the malicious sites.
Read Post
knowbe4

Phishing Attacks Are Increasingly Targeting Social Media and Smartphone Users

Aug 28, 2024 By Stu Sjouwerman In KnowBe4
Threat actors are increasingly tailoring their attacks to target social media apps and smartphone users, according to a new report from the Anti-Phishing Working Group (APWG). As email security technologies improve, scammers are turning to social media apps, text messages, and voice calls to conduct social engineering attacks.
Read Post
knowbe4

Email Compromise Remains Top Threat Incident Type for the Third Quarter in a Row

Aug 28, 2024 By Stu Sjouwerman In KnowBe4
New analysis of Q2 threats shows a consistent pattern of behavior on the part of threat actors and threat groups, providing organizations with a clear path to protect themselves. It’s every cybersecurity professionals’ worry; whether the security controls they’ve put in place will actually stop attacks.
Read Post
netskope

Phishing in Style: Microsoft Sway Abused to Deliver Quishing Attacks

Aug 27, 2024 By Jan Michael Alcantara In Netskope
In July 2024, Netskope Threat Labs tracked a 2,000-fold increase in traffic to phishing pages delivered through Microsoft Sway. The majority of the credential grabbing pages investigated used “Quishing,” a form of phishing that uses QR code to trick users into accessing a malicious website. The phishing campaigns targeted MS Office credentials, using documents to bait users into logging in.
Read Post
levelblue

Here's How Phishing Messages Break Through Email Filters

Aug 27, 2024 By David Balaban In LevelBlue
Phishing is an email-borne malicious technique aimed at learning the sensitive credentials of users or spreading malware. This practice has been on the list of the top cyber threats to individuals and businesses for years. According to the latest Phishing Activity Trends Report by APWG, the total number of phishing attacks identified in Q1 2024 exceeded 963,000.
Read Post
Trustwave

Trustwave Data Reveals HTML Attachments, QR Codes, and BEC as Top Email Attack Vectors

Aug 26, 2024 By Trustwave In Trustwave
The Trustwave SpiderLabs team regularly collects a trove of data while protecting clients from email-based attacks. HTML attachments, malicious QR codes, and business email compromise (BEC) are the favored attack methods. A recent snapshot of data from June 2024 from Trustwave MailMarshal shows that email-based threat actors still favor HTML attachments to deliver a variety of malware types.
Read Post

Friday Flows Episode 33: From Traditional SOAR to Tines Automation: An engineers perspective

Aug 23, 2024 By Tines In Tines
FRIDAY FLOWS #33 Pt.1 - From Traditional SOAR to Tines Automation: An Engineers Perspective A longer form episode with Tino Sif Baksh. An experienced SOAR engineer who has been blown away by Tines' capability since joining. This is part 1 of our chat. Three really simple unique things covered here: How SOAR has changed as a technology and automation going from ‘nice to have’ to ‘need to have’. Building rules into the Tines’ Webhook action to reduce noisy alerts. The power using Tines’ email mode within the receive email action to simplify the Phishing Response workflows.
View Video
knowbe4

The Number of Email-Based Cyber Attacks Detected Surge 239% in 1H 2024

Aug 23, 2024 By Stu Sjouwerman In KnowBe4
New data shows the most prevalent and obvious path into an organization – email – continues to be exploited by a growing number of cybercriminals. Email is one of those technologies that doesn’t seem willing to be replaced by collaborative tools that connect individuals and organizations – in many cases – in far more productive ways. And because of this, cybercriminals continue to leverage email to gain access to users.
Read Post
teramind

How To Improve Email Security with Data Loss Prevention (DLP)

Aug 22, 2024 By Teramind In Teramind
Email remains a critical communication channel for businesses of all sizes, but it also presents significant data security risks. Data loss prevention (DLP) for email is an essential component of any robust cybersecurity strategy that can help your organization safeguard sensitive information from accidental leaks, malicious insiders, and external threats.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.