Spear phishing attacks are in the news again following the Justice Department's indictment of Russian military intelligence officers for alleged attacks against U.S. politicians and county and state election boards. Here's how to play better phishing defense.
This edition of the ISMG Security Report includes an analysis by Executive Editor Matthew J. Schwartz on President Donald Trump's changing views on election meddling, plus an update on voter data being accidently exposed by a robocalling company.
The key to lowering the risk of employees becoming victims of phishing is to adopt an "adult learning" approach to training, says Brent Maher, CISO at Johnson Financial Group.
In response to Indian banks' slow progress in addressing outdated ATMs, the Reserve Bank of India has ordered all financial services firms in India to upgrade their ATMs in a phased manner, with a final deadline of June 2019.
Many phishing campaigns are very targeted against specific types of users inside an organization, says Ironscale's Brendon Rod, who notes that "70 percent of attacks are targeting just 10 mailboxes or less and around 30 percent are just targeting one mailbox."
Just one click: That's all it takes for a victim to inadvertently grant attackers access to their email account via a third-party application. Here's how to spot signs of OAuth-related hacking and how to defend against it.
Restaurant reservation service OpenTable aims to create an amazing dining experience for its millions of users.
Sift Science enabled OpenTable to scale a highly successful digital gift cards program without increasing risk.
Read the case study to learn how to:
Limit manual review;
Move from a manual...
RSA's most recent Quarterly Fraud Report shows that "newsjacking" is increasingly empowering phishing attacks, says Angel Grant, RSA's director of identity fraud and risk intelligence. The report also shows a continuing surge in mobile app fraud.
File-less malware is a huge security challenge for organizations today, and traditional email security controls aren't sufficient to meet the challenge. It's time for a new approach email security.
The big issue is: The malicious payloads shift so much. It's really easy to do 100 variants of the same malicious...
Business email compromise and account takeover attacks haven't faded; they've just morphed. Attacks are trending away from the old, static form and moving towards bypassing security controls and using social engineering techniques to ensnare victims.
Download this whitepaper on this new wave of attacks and learn...
A group of cybercriminals known for their persistence and precision in executing attacks against banks' ATMs and card processing infrastructures has regrouped despite the arrest of their alleged leader.
Calling Grant West "a one man cybercrime wave," a British judge sentenced him to serve more than 10 years in prison after he admitted to hacking into businesses, spoofing 100 organizations via phishing campaigns and earning profits in bitcoins from the sale of stolen personal details.
The 2018 State of the Phish Report presents analysis of data from tens of millions of simulated phishing attacks sent through our Security Education Platform. The report captures and delivers the types of data infosec professionals are seeking as they develop their own security awareness training programs. These...
Following 33 arrests, police in Europe say they have dismantled a Romanian-led crime gang that used phishing attacks, online scams and fake invoices to steal more than $9 million from victims in Spain, including individuals as well as organizations ranging from hospitals to government agencies.
Security vendor ProtectWise says a series of operating mistakes has allowed it to gain insight into a group, believed to be affiliated with Chinese intelligence, that specializes in stealing code-signing certificates. The certificates allow for the signing of malware that's unlikely to raise security alarms.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.