A survey of over 600 IT decision makers across the US, UK and Australia finds that 76 percent believe end users are more at risk from attacks on mobile devices than they were a year ago.

The study from Menlo Security also shows 53 percent admit that it's not possible to be prepared for all the tactics and strategies used by attackers targeting mobile devices. And, more than a third (38 percent) claim that it's impossible to keep up with the pace of these attacks.

Continue reading →

There are many things to consider when it comes to making systems secure, but one thing that is often overlooked is the human angle.

George Finney, CISO, CEO and founder of Well Aware Security believes that cybersecurity is a people problem first and foremost -- people are the ones who write and employ processes and people are the ones who create and use technology. No surprise then that people are behind some 95 percent of cybersecurity incidents.

Continue reading →

Over the past 12 months, the COVID-19 pandemic has created the perfect environment for cybercrime to flourish, according to Verizon's 2021 Data Breach Investigations Report.

The report analyzed 29,207 quality incidents, of which 5,258 were confirmed breaches. With large numbers of people working remotely, phishing attacks increased by 11 percent, while attacks using ransomware rose by six percent.

Continue reading →

Traditional techniques such as security awareness training and phishing simulations have a limited impact on improving employees' real-world cybersecurity practices according to a new report.

The study, prepared by the Cyentia Institute, uses aggregated data from 114,000 Elevate Security Platform users for the last three years, examining malware, phishing, email security and other real world attack data.

Continue reading →

In early March, Microsoft disclosed that Chinese hackers had exploited software vulnerabilities in Microsoft Exchange on-premises servers to gain access to the email accounts of thousands of Microsoft customers.

While these companies are now laser-focused on deploying patches and other security measures to remediate the vulnerabilities in their email software, Josh Douglas, VP of product management -- threat intelligence at Mimecast, believes these technical fixes will only go so far.

Continue reading →

Phishing attacks are getting more sophisticated and therefore harder to spot. However, there are still times when the phisherfolk don't do themselves any favors, making their attempts at deception amusingly obvious.

Email security company GreatHorn has launched a new blog series called Phishing Phails which looks at some of the less successful examples of phishing bait.

Continue reading →

New research from Menlo Security reveals that numbers of fake login pages and forms looking to steal credential are on the increase.

The majority of attacks are serving Outlook and Office 365 logins, reflecting the widespread use of these services across corporate environments.

Continue reading →

A new report looking at trends in DMARC adoption shows that while take up of the identity verification technology is increasing, three billion messages per day are still spoofing the sender's identity.

The study from Valimail shows that email remains a favourite attack route, implicated in over 90 percent of all cyberattacks with the pandemic providing a new focus.

Continue reading →

The move to home working provided new opportunities for phisherfolk, but as many people start to return to their offices the attackers are pivoting to exploit that too.

A new report from email phishing protection specialist INKY shows attacks are capitalizing on vulnerability and the desire for accurate information about returning to the office in-person.

Continue reading →

The past few months have seen plenty of news surrounding COVID-19 vaccines, from the buzz surrounding roll outs to fears of possible side effects.

As always with a major news event cybercriminals seek to exploit the opportunity it presents. Cloud-native email security company GreatHorn has identified a new pattern of techniques being used to exploit the unease of vulnerable email users by spoofing critical vaccine information.

Continue reading →

Researchers at Cybereason have detected a new campaign targeting US taxpayers with documents that purport to contain tax-related content.

These deliver NetWire and Remcos -- two powerful and popular RATs which can allow attackers to take control of the victims' machines and steal sensitive information. The malicious documents used are roughly 7MB in size, which allows them to evade traditional AV mechanisms and heuristic detection.

Continue reading →

As mobile device usage continues to grow within enterprises the security risk increases too. Mobile browsers get patched less often and other threats come from phishing and malicious document downloads.

To combat these problems Menlo Security is extending its cloud-based Secure Web Gateway (SWG) to include web isolation for mobile devices.

Continue reading →

A new report from Akamai looks at the technology shifts and usage patterns of 2020 noting a 30 percent jump in internet traffic thanks to COVID-19 lockdowns.

It also highlights criminals taking advantage worldwide, targeting all business sectors and industries, including information technology and security.

Continue reading →

Business-related applications such as Zoom, Microsoft and DocuSign, now account for 45 percent of impersonation-related phishing attacks as cybercriminals seek to cash in on the vulnerabilities of remote work.

This is one of the findings of a new report from email security company GreatHorn which collected data from over 580 participants working across a diverse set of roles within the information technology security market.

Continue reading →

During 2020 Microsoft maintained its position as the brand most often found in phishing emails, followed by Facebook and PayPal.

Email defense specialist Vade Secure has released its 2020 Phishers' Favorites report which also shows that cloud services overtook financial services to become the most impersonated industry, whilst cynical hackers have been quick to exploit the COVID-19 pandemic.

Continue reading →