Email Security News, Articles and Updates
Just because a company offers a cybersecurity training program to its employees doesn't mean it's necessarily doing enough to change workers' dangerous online behaviors, according to a report from Experian and Ponemon Institute.
The ACLU petitioned a federal court to join Microsoft's lawsuit to force the U.S. government to notify its customers of email and cloud storage searches.
The 2012 LinkedIn data breach may be the breach that just keeps on giving with the news that 117 million customer email credentials originating from that hack were found for sale on the dark web.
The Anti-Phishing Working Group observed more phishing attacks in the first quarter of 2016 than in any other three-month span since it began tracking data in 2004, according to the anti-cybercrime coalition.
Although an Adobe update to its Flash program fixed a zero-day vulnerability, attackers are still taking advantage of it as many users have failed to install the patch.
The infamous hacker Guccifer, who claims to have infiltrated Hillary Clinton's email servers while she was Secretary of State, will reportedly plead guilty today to at least one of the federal charges for which he was extradited to the U.S.
Researchers at endpoint security solutions company Invincea have discovered a new variant of Cerber ransomware that could lock out legitimate users, while still allowing attackers to potentially launch DDoS attacks against other networks.
Operation Ke3chang, the APT that in 2013 was discovered targeting Europe-based Ministries of Foreign Affairs, not only apparently remains active but also seems to be leveraging a new family of malware called TidePool.
With the news of over 100 million user login credentials being stolen from online professional networking website LinkedIn, the industry offers it's viewpoints on passwords, the GDPR and LinkedIn's choice of encryption.
Basketball fans have heard of the "Hack-a-Shaq" strategy. But yesterday, the NBA's Milwaukee Bucks franchise publicly acknowledged that the entire team was hacked — by a cybercriminal.
Researchers have discovered a malware-based APT dating back to 2008 that at least appears to target political enemies of Ukraine, including pro-Russia separatists in the disputed eastern region of the country.
Figuring out to defend against phishing attacks, along with how to train company workers to identify and report these ubiquitous scams instead of clicking on them was the focal point of the final panel held today at the inaugural SC Congress Atlanta.
Hundreds of different banking Trojans attack Android users, one being Android.SmsSpy.88.origin, which was first spotted in 2014.
FireEye researchers believe a mature and sophisticated criminal operation has been responsible for conducting spearphishing attacks that resulted in more 100 organizations in North America being victimized.
The research firm AppRiver is reporting a new PayPal phishing scam is making the rounds with this version using a phony security message to obtain personal identifiable information.
Point-of-sale (POS) malware is still a clear and present danger, say Proofpoint researchers.
Researchers at Cylance removed some of the mystery surrounding the new ransomware AlphaLocker after accessing its configuration files and subsequently pulling up its admin interface.
St. Agnes Medical Center in Fresno, Calif. reported that about 2,800 staffers had their W-2 information compromised by a spearphishing attack earlier this month.
A vigilante hacker turned the tables on a major Locky ransomware distributor, after hacking into its command and control server and swapping out the malicious payload with a script that contains the message "Stupid Locky."
An employee at a Troy, Mich. Investment firm was tricked using a spearphishing attack into transferring almost $500,000 to a Hong Kong bank.
Marcel Lehel Lazar, better known as the Romanian hacker Guccifer, has claimed in an interview with NBC News that he didn't just publicly expose U.S. presidential candidate Hillary Clinton's email address, but actually broke into her email server.
Hold Security reported that one of its researchers discovered, and then acquired, a mega-size load of 272 million stolen email credentials from a hacker.
Brunswick Corp. reported on May 3 that it was victimized by a spearsphishing scam that netted the W-2 information for possibly all 13,000 current and former company employees.
Criminal outfits are increasingly distributing "designer" spam and malware, customized to optimally target victims in specific geographic regions, according to new research from Sophos' research division, SophosLabs.
Solano Community College in Fairfield, Calif. was hit with a spearphishing attack led to the W-2 information for about 1,200 staffers being compromised.
The Lansing, Mich., Board of Water & Light (BWL) hopes to be fully back online today after suffering a cyberattack earlier this week that knocked the utility's internal computer systems offline.
Over 10 percent of the UK population has pretended to be someone else online by snooping or sending messages through someone else's social media or email accounts without their permission.
Emails sent to businesses demanding payment to avoid a DDoS attack were enough to spur some to pay off, even though no attacks resulted.
Two updates in TeslaCrypt illustrate that ransomware is not only spreading wider, but is also evolving with new capabilities.
The terror attacks that struck Belgium and France also kicked off a period of increased cyber attack activity in both countries, according to a report by Cytegic.
SC Magazine Articles
- GCHQ infosec group disclosed kernel privilege exploit to Apple
- Adobe Flash remains threat as users fail to update, researchers
- Update: 117 million LinkedIn email credentials found for sale on the dark web
- 2.5K Twitter accounts hacked to spread links to adult content
- Russian bank app changes password when users attempt removal
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- Spearphishing attack nets $495K from investment firm
- Updated: Gmail, Yahoo email credentials among millions found on the dark web
- Adobe Flash remains threat as users fail to update, researchers
- Organizations need formal vendor risk management programs, study
- Knock Knock! Unique new backdoor Trojan infecting computers
- CEO sacked after aircraft company grounded by whaling attack
- Workplace security awareness programs lacking in efficacy, says study
- ACLU seeks to join Microsoft in demanding gov't notify customers of email, cloud storage searches
- Latest Flash Exploit being used to create drive-by ransomware attack