Collaborate Disseminate
In this Help Net Security video, Shai Gabay, CEO of Trustmi, discusses why payments are a source of cyber worry for CISOs. CISOs are worried about Business Email Compromise (BEC), cyber attackers’ use of AI, and securing the supply chain. These a… Continue reading How CISOs tackle business payment fraud
In this Help Net Security video, Mike Britton, CISO at Abnormal Security, discusses how energy and infrastructure organizations face an increased risk of business email compromise and vendor email compromise attacks. According to Abnormal Security data… Continue reading Email security trends in the energy and infrastructure sector
Pepco Group has confirmed that its Hungarian business has been hit by a “sophisticated fraudulent phishing attack.” The European company, which operates shops under the Pepco, Poundland and Dealz brands, said that the company lost approxima… Continue reading European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack
More 68% of employees knowingly put their organizations at risk, potentially leading to ransomware or malware infections, data breaches, or financial loss, according to Proofpoint. Perception on security responsibility And while the incidence of succes… Continue reading Understanding employees’ motivations behind risky actions
In 2023, malicious email threats bypassing secure email gateways (SEGs) increased by more than 100%, according to Cofense. In just two years, Cofense identified over 1.5 million malicious emails bypassing their customers’ SEGs, signaling a 37% increase… Continue reading Secure email gateways struggle to keep pace with sophisticated phishing campaigns
For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the bait. Over time, however, as spa… Continue reading Flipping the BEC funnel: Phishing in the age of GenAI
Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications OAuth is an open standard authentication protocol that uses tokens to grant app… Continue reading Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns
“Malware free” attacks, attackers’ increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and medium businesses (SMBs) faced in Q3 2023, says the inaugural SMB Threat Repor… Continue reading SMBs face surge in “malware free” attacks
In this Help Net Security video, Dara Gibson, Senior Cyber Insurance Manager at Optiv, discusses cyber insurance and what we should expect to see in 2024: Ransomware, BEC, and pixel privacy claims will remain at the forefront of cyber insurance claims … Continue reading Cyber insurance predictions for 2024
88% of organizations experienced an average of 40 attacks in the past 12 months, according to a survey conducted by the Proofpoint and Ponemon Institute. Supply chain attacks: Leading patient care risk The average total cost of a cyberattack experience… Continue reading Cyberattacks on healthcare organizations affect patient care