What happens after a malicious email reaches employees’ inboxes?
On average, it takes three and half days (83 hours) from the moment a malicious email attack lands in an employees inbox, to when it is discovered by a security team or …
Cybersecurity leaders lacking basic cyber hygiene
Constella Intelligence released the results of a survey that unlocks the behaviors and tendencies that characterize how vigilant organizations’ leaders are when it comes to …
Exploiting common URL redirection methods to create effective phishing attacks
“Simple” can often be harder than “complex.” When thinking about the trickiest phishing campaigns and their components, URL redirection does not immediately come to mind as …
Attackers can teach you to defend your organization against phishing
People click on links and attachments and will, unfortunately, keep clicking even if they should know better. They’ll click for the chance of winning a holiday, or even …
Cybercriminals evolving their tactics to exploit collective human interest
Phishing activity increased significantly in the first few months of 2020, taking advantage of pandemic-induced product shortages and increased usage of streaming services, …
61% of organizations impacted by ransomware in 2020
Enterprises faced unprecedented cybersecurity risk in 2020 from increasing attack volume, the pandemic-driven digital transformation of work, and generally deficient cyber …
FBI removes web shells from hacked Microsoft Exchange servers
Authorities have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable on-premises versions of Microsoft Exchange Server …
Tackling cross-site request forgery (CSRF) on company websites
Everyone with half a mind for security will tell you not to click on links in emails, but few people can explain exactly why you shouldn’t do that (they will usually offer a …
Only 14% of domains worldwide truly protected from spoofing with DMARC enforcement
While the DMARC enforcement rate increases, 3 billion messages per day are still spoofing the sender’s identity, Valimail reveals. Email continues to be an effective way to …
Years-old MS Office, Word flaws most exploited to deliver malware
29% of malware captured was previously unknown – due to the widespread use of packers and obfuscation techniques by attackers seeking to evade detection, according to a HP …
Data is most at risk on email, with 83% of organizations experiencing email data breaches
95% of IT leaders say that client and company data is at risk on email, an Egress report reveals. Additionally, an overwhelming 83% of organizations have suffered data …
The rise of non-English language spear phishing emails
Business email compromise (BEC) threats are one of the many tried-and-tested tactics cybercriminals use to target their victims. These tend to be brief messages with only a …