Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Email Security

LimaCharlie

Multi-Source Telemetry: Finding Business Email Compromise

This post is the first of a multi-part blog series on various sources of telemetry. At LimaCharlie, we’re a firm believer in visibility. The more an analyst can see about their environment, the more impactful decisions they can make. We are huge fans of multi-source telemetry, bringing visibility from almost anywhere in your environment to one place for analysis, detection, and response capabilities.

ThreatQuotient

Spear Phishing Triage Using ThreatQ and TDR Orchestrator

According to Proofpoint’s 2021 State of the Phish Report, more than 80% of organizations fell victim to a phishing attack last year. Another report from PhishMe found that 91% of cyberattacks start with a phish, and the top reasons people are duped by phishing emails are curiosity (13.7%), fear (13.4%), and urgency (13.2%), followed by reward/recognition, social, entertainment, and opportunity.

lookout

Work and Life Have Intertwined: Why You Need to Protect Against Phishing on Both Fronts

Don't bring your personal life into the office; don't bring your work stuff home — these were already difficult tasks prior to the 2020 pandemic. Now, with hybrid work settling in, they have become nearly impossible to achieve. Where we work is no longer tethered to a static location. From the Wi-Fi we connect to, to the devices we use for work, our personal and professional lives are now closely intertwined.

tripwire

Top Phishing and Social Media Threats: Key Findings from the Quarterly Threat Trends & Intelligence Report

In today’s online landscape, it is crucial for organizations to stay on top of the threats that put their enterprises at risk. Agari and PhishLabs have put together their Quarterly Threat Trends & Intelligence Report detailing their analysis of phishing and social media attacks this quarter. The report presents statistics regarding the volume of attacks, the tactics used by cybercriminals, and the main targets of these attacks, documenting the changes since last quarter.

Trustwave

MailMarshal Upgrade Boosts 'Hard to Detect' Phishing by 40%

Trustwave MailMarshal has received a major upgrade to version 10.0.5 adding proprietary technologies to greatly increase the security tool’s ability to detect phishing emails, spam and malicious URLs. MailMarshal is already highly effective against phishing, but the new version’s phishing detection ability is boosted by being able to detect 40% of previously ‘hard to detect' samples the addition of these new capabilities.

netskope

The Looming Issue with Email Sharing

If you’ve been following my suggestions in this series, then your SaaS sharing configuration now protects sensitive information and your IaaS/PaaS access controls accurately follow the principle of least privilege. Of course, that doesn’t mean you’re done! We must now tame the giant of all file-sharing beasts: email. An email is probably the worst way to share files because there’s no way to limit who sees the file after it is sent.

Arctic Wolf

Recent Phishing Attack Highlights How Hacks Are Changing

Hackers are getting smarter, and phishing is becoming more sophisticated. Most employees know that when an email comes in from a random address, rife with misspellings, and credentials or other private data demands, it’s absolutely a phishing scam. But what if, as an employee, you got a text to update your Okta credentials? What if the link took you to a domain that looked just like your Okta login?

tripwire

Email and cybersecurity: Fraudsters are knocking

Can you remember your first email? Either sending one, or receiving it? I certainly remember explaining to people what email was, and I also remember someone telling me they could live without their email server for “about a month before it becomes a problem”. Can you imagine that now? A month without email?