Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Email Security

knowbe4

Phishing Attacks Are Increasingly Targeting Social Media and Smartphone Users

Aug 28, 2024 By Stu Sjouwerman In KnowBe4
Threat actors are increasingly tailoring their attacks to target social media apps and smartphone users, according to a new report from the Anti-Phishing Working Group (APWG). As email security technologies improve, scammers are turning to social media apps, text messages, and voice calls to conduct social engineering attacks.
Read Post
knowbe4

Email Compromise Remains Top Threat Incident Type for the Third Quarter in a Row

Aug 28, 2024 By Stu Sjouwerman In KnowBe4
New analysis of Q2 threats shows a consistent pattern of behavior on the part of threat actors and threat groups, providing organizations with a clear path to protect themselves. It’s every cybersecurity professionals’ worry; whether the security controls they’ve put in place will actually stop attacks.
Read Post
netskope

Phishing in Style: Microsoft Sway Abused to Deliver Quishing Attacks

Aug 27, 2024 By Jan Michael Alcantara In Netskope
In July 2024, Netskope Threat Labs tracked a 2,000-fold increase in traffic to phishing pages delivered through Microsoft Sway. The majority of the credential grabbing pages investigated used “Quishing,” a form of phishing that uses QR code to trick users into accessing a malicious website. The phishing campaigns targeted MS Office credentials, using documents to bait users into logging in.
Read Post
levelblue

Here's How Phishing Messages Break Through Email Filters

Aug 27, 2024 By David Balaban In LevelBlue
Phishing is an email-borne malicious technique aimed at learning the sensitive credentials of users or spreading malware. This practice has been on the list of the top cyber threats to individuals and businesses for years. According to the latest Phishing Activity Trends Report by APWG, the total number of phishing attacks identified in Q1 2024 exceeded 963,000.
Read Post
Trustwave

Trustwave Data Reveals HTML Attachments, QR Codes, and BEC as Top Email Attack Vectors

Aug 26, 2024 By Trustwave In Trustwave
The Trustwave SpiderLabs team regularly collects a trove of data while protecting clients from email-based attacks. HTML attachments, malicious QR codes, and business email compromise (BEC) are the favored attack methods. A recent snapshot of data from June 2024 from Trustwave MailMarshal shows that email-based threat actors still favor HTML attachments to deliver a variety of malware types.
Read Post
knowbe4

The Number of Email-Based Cyber Attacks Detected Surge 239% in 1H 2024

Aug 23, 2024 By Stu Sjouwerman In KnowBe4
New data shows the most prevalent and obvious path into an organization – email – continues to be exploited by a growing number of cybercriminals. Email is one of those technologies that doesn’t seem willing to be replaced by collaborative tools that connect individuals and organizations – in many cases – in far more productive ways. And because of this, cybercriminals continue to leverage email to gain access to users.
Read Post

Friday Flows Episode 33: From Traditional SOAR to Tines Automation: An engineers perspective

Aug 23, 2024 By Tines In Tines
FRIDAY FLOWS #33 Pt.1 - From Traditional SOAR to Tines Automation: An Engineers Perspective A longer form episode with Tino Sif Baksh. An experienced SOAR engineer who has been blown away by Tines' capability since joining. This is part 1 of our chat. Three really simple unique things covered here: How SOAR has changed as a technology and automation going from ‘nice to have’ to ‘need to have’. Building rules into the Tines’ Webhook action to reduce noisy alerts. The power using Tines’ email mode within the receive email action to simplify the Phishing Response workflows.
View Video
teramind

How To Improve Email Security with Data Loss Prevention (DLP)

Aug 22, 2024 By Teramind In Teramind
Email remains a critical communication channel for businesses of all sizes, but it also presents significant data security risks. Data loss prevention (DLP) for email is an essential component of any robust cybersecurity strategy that can help your organization safeguard sensitive information from accidental leaks, malicious insiders, and external threats.
Read Post
knowbe4

Threat Actors Abuse URL Rewriting to Mask Phishing Links

Aug 21, 2024 By Stu Sjouwerman In KnowBe4
Threat actors are abusing a technique called “URL rewriting” to hide their phishing links from security filters, according to researchers at Perception Point. Security tools from major vendors use URL rewriting to prevent phishing attacks, but the same technique can be abused to trick these tools into thinking a malicious link is legitimate.
Read Post
levelblue

How to Use Mailvelope for Encrypted Email on Gmail

Aug 19, 2024 By Kushalveer Singh Bachchas In LevelBlue
In the previous blog we covered how to use PGP keys for encrypting and decrypting emails on desktop clients like Thunderbird and Outlook. Now, let's take a look on securing your emails without too much hassle using OpenPGP on webmail services like Gmail using the Mailvelope extension for Google Chrome.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.