Page 3 - Anti-Phishing, DMARC - information risk management

Article

SANS Institute Sees Its Breach as Teachable Moment

Chinmay Rautmare • August 13, 2020

The SANS Institute, which is known for its cybersecurity training courses, is now planning to turn its own data breach into a teachable moment for its membership.

Whitepaper

State of OT/ICS Cybersecurity Survey

August 10, 2020

The 2019 SANS OT/ICS Security Survey reveals a growing maturity in identifying potential risk and detecting and remediating actual events. People are considered the leading risk for compromise, signaling the need for a blended approach to addressing OT/ICS cybersecurity, one not solely reliant on technology. The top...

►

Article

FBI on China, Election Security and Impact of COVID-19

Tom Field • August 8, 2020

The day after President Trump issued executive orders to ban Chinese-owned social media apps TikTok and WeChat, Sanjay Virmani of the FBI's San Francisco office shared insights on the Chinese cyberthreat, election security and crime trends in the wake of COVID-19.

Article

North Korean Hackers Targeted US Aerospace, Defense Firms

Prajeet Nair • August 1, 2020

Hackers with suspected ties to North Korea targeted U.S. aerospace and defense firms with fake job offer emails sent to employees, according to security firm McAfee. The messages contained malware designed to gain a foothold in networks and gather data.

Article

Microsoft Seizes Domains Used for COVID-19 Phishing Scam

Doug Olenick • July 7, 2020

A U.S. federal court has issued an injunction that gives Microsoft permission to seize control of several malicious domains being used to operate a COVID-19-themed phishing scam, according to recently unsealed court documents.

Webinar

OnDemand | The Post-Pandemic New Normal: Rethink and Rebuild Cyber Security

Jinan Budge, Principal Analyst Serving Security & Risk Professionals, Forrester , Ashwin Pal, Director of Cybersecurity Services, Asia Pacific, Unisys , Gergana Winzer, Industry Director of Cybersecurity, Australia and New Zealand, Unisys • June 25, 2020

The COVID-19 pandemic has put new security pressures on organizations, which are adapting to having large numbers of employees working from home. The threat landscape has changed, and attackers are looking to exploit weaknesses in how organizations have changed access to applications and data assets, which has forced...

Whitepaper

Triton 2.0 & The Future of OT Cyber-Attacks

June 21, 2020

This white paper evaluates the development of known OT attack campaigns, and the wider progression of malware, in order to identify trends and extrapolate future scenarios. Special focus is given to the emergence of AI and machine learning techniques, which have revolutionized cyber defense, and will become even...

Whitepaper

Email Security Threat Report 2020

June 21, 2020

Email and collaboration platforms are the connective tissue of most businesses and organizations, where information is shared, plans are hatched, and alliances formed. Yet email often represents the 'weakest link' in an organization's security strategy - around 94% of cyber-threats originate in the email environment....

Whitepaper

Cyber AI for SaaS Security

June 21, 2020

In this whitepaper, learn why securing today's dynamic workforce requires a new approach. Security teams must be equipped to discern when and how a trusted account has been leveraged for nefarious purposes, and discover how an AI 'immune system' approach to security provides adaptive, autonomous detection capabilities...

Article

Separate Phishing Attacks Target Wells Fargo, BofA Customers

Akshaya Asokan • June 20, 2020

Researchers at two security firms are tracking separate phishing campaigns that are targeting customers of Wells Fargo and Bank of America, according to reports. In each case, the fraudsters are attempting to steal users' credentials using various methods and lures.

Whitepaper

AI-Augmented Attacks and the Battle of the Algorithms

June 19, 2020

This report will document an end-to-end attack lifecycle, and how each stage could leverage elements of the AI 'toolkit' to improve and streamline the process. Attackers will, of course, evolve their tools to drive efficiency gains, however these tradecraft improvements are iterative and do not happen all at once....

Webinar

Your Brand is Being Used as Bait - You Just Don't Know It Yet

Dirk Jan Koekkoek , Danielle Papadakis • June 15, 2020

Without ever confronting an organization's email perimeter, it's easy for cybercriminals to impersonate a brand on the internet. Even unsophisticated attackers can spoof your email domain or host a fake website designed to trick customers, suppliers and employees. Join us to learn about the tactics cybercriminals are...

Article

Gamaredon Group Using Fresh Tools to Target Outlook

Akshaya Asokan • June 13, 2020

The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact lists, according to security firm ESET. This hacking group, which appears to have ties to Russia, has primarily targeted Ukraine for years.

Article

Phishing Attack Targeted German COVID-19 Task Force Firm

Ishita Chigilli Palli • June 9, 2020

An ongoing phishing campaign has targeted top officials at a German multinational company tasked with procuring personal protective equipment during the COVID-19 pandemic, according to IBM. While it's not clear if these attacks were successful, they contain the hallmarks of a nation-state group.

Article

Phishing Attacks Traced to Indian Commercial Espionage Firm

Mathew J. Schwartz • June 9, 2020

Surveillance researchers at Citizen Lab have tied thousands of "Dark Basin" corporate espionage phishing attacks to a small Indian cybersecurity firm called BellTroX InfoTech Services. It's led by Sumit Gupta, who was indicted by the U.S. in 2015 for criminal hacking on behalf of private investigators.