Trustwave MailMarshal will receive a massive upgrade on March 28 that will add four new levels of functionality, including an improved dashboard interface, the ability to detect and halt malicious QR codes, the ability to scan and divert potentially damaging images, and DNS-based Authentication of Named Entities (DANE).

Analysis of a new initial access malware attack shows how simple these attacks can be while also proving that malware can reside on legitimate repositories. Security analysts at cybersecurity company Fortinet dissect the methods and actions taken by a new malicious Java-based downloader intent on spreading the remote access trojans (RAT) VCURMS and STRRAT.

Multi-factor authentication (MFA) is widely recognized as an important control to make our accounts more secure by providing protection beyond just passwords. When MFA is enabled, we tend to think our accounts are safe from unauthorized access — but what if we said it's time to rethink this belief?

You're browsing your inbox and spot an email that looks like it's from a brand you trust. Yet, something feels off. This might be a phishing attempt, a common tactic where cybercriminals impersonate reputable entities — we've written about the top 50 most impersonated brands used in phishing attacks. One factor that can be used to help evaluate the email's legitimacy is its Top-Level Domain (TLD) — the part of the email address that comes after the dot.

As the threat landscape continues to evolve, cybercriminals are relentlessly refining their phishing tactics. This means that many of the tips and tricks organizations have told their employees to use in the past to spot a malicious email are no longer as effective in safeguarding their digital environments. Here, we dissect three commonly cited phishing detection strategies and unveil their limitations in the face of advanced cyber threats.

Email makes modern communications work. We use email for keeping in touch with friends and family, organizing business activities, and tracking a variety of other needs. But how does email actually work and why do you get so many spam emails? That all comes down to email messaging protocols.

A Phishing-as-a-Service (PhaaS) platform called “Tycoon 2FA” has surged in popularity over the past several months, according to researchers at Sekoia. The phishing kit is notable for its focus on bypassing victims’ multi-factor authentication measures.

The FBI’s Internet Crime Complaint Center (IC3) newly-released Internet Crimes Report provides an unbiased big picture of the cyber crimes that were the most used and most successful. A few weeks ago we covered the alarming trends on ransomware, and FBI’s IC3 division took in over 880,000 complaints last year from individuals and businesses about every cyber crime being committed. Unfortunately, the details on overall cyber crime show things are not improving.

Read also: E-Root Marketplace admin sentenced, an IT-contractor jailed for cyber fraud, and more.

Criminals have always been among the first to adopt the latest technology to benefit themselves financially. Famed bank robbers Bonnie and Clyde used high-powered V-8 engine-equipped Ford cars to outrun local police. Other gangs used the telephone to help coordinate their activities, and some realized they could gain an edge by outgunning security and police by toting Thomson submachine guns.