Email Security

69% of email attacks with malicious attachments in Q2 contained Locky

By

The first five months of 2016 were dominated by malicious email campaigns, the quick emergence of new ransomware variants, one of the largest botnets in the world went dark, and the Angler exploit kit (EK) went silent

Patchwork cyber-espionage campaign branches out to strike businesses

Patchwork cyber-espionage campaign branches out to strike businesses

By

The cyber-gang behind the Patchwork, aka Dropping Elephant, cyber-espionage campaign has expanded its reach outside of government organisations and is now hitting the private sector.

Phishing: What makes people click?

Phishing: What makes people click?

Dr Jules Pagna Disso explains why phishing remains one of the most successful forms of attack, and why staff education is key to tackling the problem.

Phishing scam targets Brexit anxiety

By

A cyber-scam has been unfolding in the wake of the Brexit vote.

Email is dead ... Long live malicious email

Email is dead ... Long live malicious email

email is one of the main routes for delivering malware into the enterprise, but despite frequent reports of its demise, it appears here to stay, so companies had better tailor their security posture accordingly says Carl Leonard.

No inbox left behind: What security education lacks and how we might fix it

No inbox left behind: What security education lacks and how we might fix it

Itay Glick says that new spear-phishing scams suggest that this method of spreading malware will surely continue to grow

New RAA ransomware written in JavaScript discovered

New RAA ransomware written in JavaScript discovered

By

A new variety of ransomware called RAA has been discovered that has the somewhat unusual attribution of being coded in JavaScript instead of one of the more standard programming languages making it more effective in certain situations.

Study claims economic globalisation brings on cyber-risk

By

Businesses have learned to embrace economic globalisation and have expanded operations around the world. A new report from BitSight studies how entering new countries can bring on financial, operational and legal risks, including cyber-risks, to an organisation.

State Dept. criticised for poor records management, Clinton broke rules, IG report says

State Dept. criticised for poor records management, Clinton broke rules, IG report says

By

"Longstanding, systemic weaknesses" prevented the State Department from properly managing cyber-security risks, according to an IG report.

Email error leaks hundreds of Northern Ireland prison officer details

By

An email error made in Northern Ireland has accidentally leaked the personal details of hundreds of prison officers working in the country to an outside contractor.

Eastern Ukraine separatists seemingly targeted in Operation Groundbait APT

Eastern Ukraine separatists seemingly targeted in Operation Groundbait APT

By

Researchers have discovered a malware-based APT dating back to 2008 that at least appears to target political enemies of Ukraine, including pro-Russia separatists in the disputed eastern region of the country.

117 million LinkedIn email credentials found for sale on the dark web

117 million LinkedIn email credentials found for sale on the dark web

By

The 2012 LinkedIn data breach may be the breach that just keeps on giving with the news that 117 million customer email credentials originating from that hack were found for sale on the dark web.

Fetish forum breached: 107,000 users facing major humiliation

By

Over 100,000 users are at risk of public humiliation or blackmail as Rosebutt Board, a web forum dedicated to the 'anal fisting' fetish, has suffered a data breach.

New PayPal phishing scam hooking victims

By

The research firm AppRiver reports a new PayPal phishing scam is making the rounds using a phony security message to obtain personally identifiable information.

The anatomy of a spear-phishing scam, or how to steal US $100M with a fake email

The anatomy of a spear-phishing scam, or how to steal US $100M with a fake email

By

Stealing $100 million (£70.4M) from a major US corporation should be hard than setting up a fake email account, but for one cyber-criminal enterprise this is all it took.

"Beautiful" ransomware arrives

By

Maktub Locker ransomware is targeting its victims with a spam campaign that attempts to trick people into thinking they are getting a terms-of-service update when in fact the attached document contains malware.

Exposed Seagate workers could face years of cyber-attacks

Exposed Seagate workers could face years of cyber-attacks

By

A Seagate employee was victimised by a phishing scam and unknowingly emailed the income tax data for current and some former company employees to an unauthorised third party making them all potentially vulnerable to potential income tax refund fraud.

RSA 2016: Many C-Suite execs unsure of security risks

RSA 2016: Many C-Suite execs unsure of security risks

By

The latest study by IBM Security found that C-Suite executives not directly involved in infosec operations feel it is not necessarily something on which they need to focus, instead believing it is a problem strictly for CISOs.

Over 2/3rds of wearable device owners don't use login credentials

By

Sixty nine percent of wearable device owners say that they don't use login credentials such as passwords, PINs fingerprint scanners and voice recognition to access their devices.

RSA 2016:Trust in the internet imperative to sustain worker productivity

By

One of the more frightening possible result from the seemingly endless stream of hacks taking place is that they degrade public trust in the internet and this could lead to a serious fall off in worker productivity

RSA 2016: Plea for more effective anti-phishing protection

RSA 2016: Plea for more effective anti-phishing protection

By

Email services are failing their customers when it comes to anti-phishing protection, according to Mario Vuksan, one of the presenters at RSA 2016 in San Francisco.

Sony hackers ID'd by Operation Blockbuster security team

Sony hackers ID'd by Operation Blockbuster security team

By

A two-year collaboration by a group of industry security firms has put a name and a modus operandi, if little else, on the group that conducted the 2014 Sony Pictures Entertainment hack.

The future of email security

There was a time 20 or so years ago that email security was fairly straightforward - make sure you have anti-virus software running and remind your users to not click links they don't recognise.

24% increase in DMARC adoption results in plummet of phishing attacks

By

Thanks to the rising growth of Domain-based Message Authentication, Reporting, and Conformance (DMARC) adoption, companies are successfully fighting off phishing attacks and domain spoofing.

Google tightens security in Gmail service

By

Gmail's security is being enhanced to keep its users protected from malware, phishing attacks and other threats.

Brazilian companies being targeted by malicious spam campaign

By

Symantec has discovered a spam campaign targeting Portuguese-language computers specifically focusing on companies based in Brazil with the goal of stealing email accounts to access sensitive corporate information.

UK school awareness on secure logins is lacking

By

A UK school technology supplier has committed to providing secure logins for a service used by many schools.

Let's spam! David Bowie death exploited by social engineering campaign

By

Cyber-criminals wasted no time in exploiting the media attention focused on the passing of rock icon David Bowie.

We can read encrypted emails on BlackBerry devices, Dutch team says

By

Despite an encrypted email service on BlackBerry smartphones, forensic investigators in the Netherlands said they can read encrypted messages sent on the devices.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US