Email Security News, Articles and Updates

Workplace security awareness programs lacking in efficacy, says study

Workplace security awareness programs lacking in efficacy, says study

By

Just because a company offers a cybersecurity training program to its employees doesn't mean it's necessarily doing enough to change workers' dangerous online behaviors, according to a report from Experian and Ponemon Institute.

ACLU seeks to join Microsoft in demanding gov't notify customers of email, cloud storage searches

By

The ACLU petitioned a federal court to join Microsoft's lawsuit to force the U.S. government to notify its customers of email and cloud storage searches.

Update: 117 million LinkedIn email credentials found for sale on the dark web

Update: 117 million LinkedIn email credentials found for sale on the dark web

By

The 2012 LinkedIn data breach may be the breach that just keeps on giving with the news that 117 million customer email credentials originating from that hack were found for sale on the dark web.

APWG report: Phishing surges by 250 percent in Q1 2016

APWG report: Phishing surges by 250 percent in Q1 2016

By

The Anti-Phishing Working Group observed more phishing attacks in the first quarter of 2016 than in any other three-month span since it began tracking data in 2004, according to the anti-cybercrime coalition.

Adobe Flash remains threat as users fail to update, researchers

Adobe Flash remains threat as users fail to update, researchers

By

Although an Adobe update to its Flash program fixed a zero-day vulnerability, attackers are still taking advantage of it as many users have failed to install the patch.

Guccifer reportedly to plead guilty to certain charges; may aid ongoing federal probes

Guccifer reportedly to plead guilty to certain charges; may aid ongoing federal probes

By

The infamous hacker Guccifer, who claims to have infiltrated Hillary Clinton's email servers while she was Secretary of State, will reportedly plead guilty today to at least one of the federal charges for which he was extradited to the U.S.

Variant of Cerber ransomware features bot capabilities that could launch DDoS attacks

Variant of Cerber ransomware features bot capabilities that could launch DDoS attacks

By

Researchers at endpoint security solutions company Invincea have discovered a new variant of Cerber ransomware that could lock out legitimate users, while still allowing attackers to potentially launch DDoS attacks against other networks.

Changing of the TidePool: Operation Ke3chang malware evolves as APT threat reappears

Changing of the TidePool: Operation Ke3chang malware evolves as APT threat reappears

By

Operation Ke3chang, the APT that in 2013 was discovered targeting Europe-based Ministries of Foreign Affairs, not only apparently remains active but also seems to be leveraging a new family of malware called TidePool.

LinkedinGate: industry reacts to

LinkedinGate: industry reacts to

With the news of over 100 million user login credentials being stolen from online professional networking website LinkedIn, the industry offers it's viewpoints on passwords, the GDPR and LinkedIn's choice of encryption.

Spoofing scam goes for the steal, scores Milwaukee Bucks' W-2 forms

Spoofing scam goes for the steal, scores Milwaukee Bucks' W-2 forms

By

Basketball fans have heard of the "Hack-a-Shaq" strategy. But yesterday, the NBA's Milwaukee Bucks franchise publicly acknowledged that the entire team was hacked — by a cybercriminal.

Eastern Ukraine separatists seemingly targeted in Operation Groundbait APT

Eastern Ukraine separatists seemingly targeted in Operation Groundbait APT

By

Researchers have discovered a malware-based APT dating back to 2008 that at least appears to target political enemies of Ukraine, including pro-Russia separatists in the disputed eastern region of the country.

SC Congress Atlanta: The Phish and how to prevent it

SC Congress Atlanta: The Phish and how to prevent it

By

Figuring out to defend against phishing attacks, along with how to train company workers to identify and report these ubiquitous scams instead of clicking on them was the focal point of the final panel held today at the inaugural SC Congress Atlanta.

Banking Trojan has infected at least 40K Android users worldwide

Banking Trojan has infected at least 40K Android users worldwide

Hundreds of different banking Trojans attack Android users, one being Android.SmsSpy.88.origin, which was first spotted in 2014.

Spearphishers using a Windows zero day to attack companies

Spearphishers using a Windows zero day to attack companies

By

FireEye researchers believe a mature and sophisticated criminal operation has been responsible for conducting spearphishing attacks that resulted in more 100 organizations in North America being victimized.

New PayPal phishing scam hooking victims

New PayPal phishing scam hooking victims

By

The research firm AppRiver is reporting a new PayPal phishing scam is making the rounds with this version using a phony security message to obtain personal identifiable information.

AbaddonPOS malware preys on retail POS software

AbaddonPOS malware preys on retail POS software

By

Point-of-sale (POS) malware is still a clear and present danger, say Proofpoint researchers.

Cybercriminals' oversight allows rare inside glimpse into AlphaLocker ransomware

Cybercriminals' oversight allows rare inside glimpse into AlphaLocker ransomware

By

Researchers at Cylance removed some of the mystery surrounding the new ransomware AlphaLocker after accessing its configuration files and subsequently pulling up its admin interface.

2,800 St. Agnes Medical Center workers compromised in W-2 attack

By

St. Agnes Medical Center in Fresno, Calif. reported that about 2,800 staffers had their W-2 information compromised by a spearphishing attack earlier this month.

Hacker pranks 'stupid' Locky distributor, but ransomware threat keeps growing

Hacker pranks 'stupid' Locky distributor, but ransomware threat keeps growing

By

A vigilante hacker turned the tables on a major Locky ransomware distributor, after hacking into its command and control server and swapping out the malicious payload with a script that contains the message "Stupid Locky."

Spearphishing attack nets $495K from investment firm

Spearphishing attack nets $495K from investment firm

By

An employee at a Troy, Mich. Investment firm was tricked using a spearphishing attack into transferring almost $500,000 to a Hong Kong bank.

Guccifer hacker boasts he hacked into Hillary Clinton's email server

Guccifer hacker boasts he hacked into Hillary Clinton's email server

By

Marcel Lehel Lazar, better known as the Romanian hacker Guccifer, has claimed in an interview with NBC News that he didn't just publicly expose U.S. presidential candidate Hillary Clinton's email address, but actually broke into her email server.

Updated: Gmail, Yahoo email credentials among millions found on the dark web

Updated: Gmail, Yahoo email credentials among millions found on the dark web

By

Hold Security reported that one of its researchers discovered, and then acquired, a mega-size load of 272 million stolen email credentials from a hacker.

Brunswick Corp.'s 13,000 workers' W-2 data compromised

By

Brunswick Corp. reported on May 3 that it was victimized by a spearsphishing scam that netted the W-2 information for possibly all 13,000 current and former company employees.

Localized "designer" malware campaigns all the rage, says Sophos

Localized "designer" malware campaigns all the rage, says Sophos

By

Criminal outfits are increasingly distributing "designer" spam and malware, customized to optimally target victims in specific geographic regions, according to new research from Sophos' research division, SophosLabs.

1,206 Solano Community College employees victimized in W-2 data breach

By

Solano Community College in Fairfield, Calif. was hit with a spearphishing attack led to the W-2 information for about 1,200 staffers being compromised.

Cyberattack knocks Lansing utility offline

Cyberattack knocks Lansing utility offline

By

The Lansing, Mich., Board of Water & Light (BWL) hopes to be fully back online today after suffering a cyberattack earlier this week that knocked the utility's internal computer systems offline.

37% of Brits share personal login details with friends or partners

37% of Brits share personal login details with friends or partners

Over 10 percent of the UK population has pretended to be someone else online by snooping or sending messages through someone else's social media or email accounts without their permission.

Empty email threats reap payoff for Armada Collective

Empty email threats reap payoff for Armada Collective

By

Emails sent to businesses demanding payment to avoid a DDoS attack were enough to spur some to pay off, even though no attacks resulted.

New version of TeslaCrypt ups ante for ransomware

New version of TeslaCrypt ups ante for ransomware

By

Two updates in TeslaCrypt illustrate that ransomware is not only spreading wider, but is also evolving with new capabilities.

Cytegic finds ties between terror and cyberattacks

Cytegic finds ties between terror and cyberattacks

By

The terror attacks that struck Belgium and France also kicked off a period of increased cyber attack activity in both countries, according to a report by Cytegic.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US