Making HTTPS phishing sites easier to spot
For years, we taught users that a website’s URL that includes https at its very beginning is a relatively good indicator of whether they can safely input sensitive …
phishing
Criminalization of DNS for phishing continues to advance
Cybercriminals have been shifting their tactics markedly, by registering more and more domain names, rather using web servers and domains they have hacked into. These …
Email-borne threats: Watch your inbox closely on Thursdays
Malicious email attachment message volume spikes more than 38% on Thursdays over the average weekday volume. Ransomware attackers in particular favor sending malicious …
Why people are at the heart of your information security success
In this podcast, Perry Carpenter, Chief Evangelist and Strategy Officer at KnowBe4, talks about the human side of security. Are humans the weakest link? Why do people fall for …
Enterprise endpoint security: Millions of devices still running outdated systems
Duo Security analyzed the security health of 4.6 million endpoint devices, including 3.5 million mobile phones across multiple industries and geographic regions. With …
New Gmail anti-phishing features rely on machine learning
Google has announced several new security features and improvement of existing ones in order to protect Gmail users against phishing emails. New features The new features are …
Hackers hosted tools on a Stanford University website for months
Compromising legitimate websites and the web servers that store and deliver them is a time-honoured tactic of opportunistic hackers, and a failure to keep them out can result …
Analyzing phishing attacks against 500,000 mailboxes at 100 organizations
Phishing has evolved from a mere nuisance into a global epidemic in which organizations of all sizes and across all industries are being negatively impacted at high frequency. …
Number of HTTPS phishing sites triples
When, in January 2017, Mozilla and Google made Firefox and Chrome flag HTTP login pages as insecure, the intent was to make phishing pages easier to recognize, as well as push …
DocuSign breached, stolen info used for targeted phishing campaign
Phishing emails impersonating electronic signature technology provider DocuSign are not an unusual sight, but the latest campaign has the added advantage of specifically …
