Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
email
What happens after a malicious email reaches employees’ inboxes?

On average, it takes three and half days (83 hours) from the moment a malicious email attack lands in an employees inbox, to when it is discovered by a security team or …

idea
Cybersecurity leaders lacking basic cyber hygiene

Constella Intelligence released the results of a survey that unlocks the behaviors and tendencies that characterize how vigilant organizations’ leaders are when it comes to …

phishing
Exploiting common URL redirection methods to create effective phishing attacks

“Simple” can often be harder than “complex.” When thinking about the trickiest phishing campaigns and their components, URL redirection does not immediately come to mind as …

Phishing
Attackers can teach you to defend your organization against phishing

People click on links and attachments and will, unfortunately, keep clicking even if they should know better. They’ll click for the chance of winning a holiday, or even …

Hand
Cybercriminals evolving their tactics to exploit collective human interest

Phishing activity increased significantly in the first few months of 2020, taking advantage of pandemic-induced product shortages and increased usage of streaming services, …

ransomware
61% of organizations impacted by ransomware in 2020

Enterprises faced unprecedented cybersecurity risk in 2020 from increasing attack volume, the pandemic-driven digital transformation of work, and generally deficient cyber …

Microsoft Exchange
FBI removes web shells from hacked Microsoft Exchange servers

Authorities have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable on-premises versions of Microsoft Exchange Server …

Tackling cross-site request forgery (CSRF) on company websites

Everyone with half a mind for security will tell you not to click on links in emails, but few people can explain exactly why you shouldn’t do that (they will usually offer a …

DMARC
Only 14% of domains worldwide truly protected from spoofing with DMARC enforcement

While the DMARC enforcement rate increases, 3 billion messages per day are still spoofing the sender’s identity, Valimail reveals. Email continues to be an effective way to …

biohazard
Years-old MS Office, Word flaws most exploited to deliver malware

29% of malware captured was previously unknown – due to the widespread use of packers and obfuscation techniques by attackers seeking to evade detection, according to a HP …

email danger
Data is most at risk on email, with 83% of organizations experiencing email data breaches

95% of IT leaders say that client and company data is at risk on email, an Egress report reveals. Additionally, an overwhelming 83% of organizations have suffered data …

email
The rise of non-English language spear phishing emails

Business email compromise (BEC) threats are one of the many tried-and-tested tactics cybercriminals use to target their victims. These tend to be brief messages with only a …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools