Database Containing Extensive Information of 200 Million Americans Exposed Online
Mar24

Database Containing Extensive Information of 200 Million Americans Exposed Online

A database on the Google Cloud platform containing 800 gigabytes of data and over 200 million user records has been misconfigured and was exposed online, according to researchers at CyberNews. The database contained a folder that included detailed information on around 200 million Americans, including full names, phone numbers, email addresses, dates of birth, credit ratings, home addresses, mortgaged property addresses, number of...

Read More
WHO Director-General Impersonated in Spam Campaign Delivering HawkEye Keylogger and Malware Downloader
Mar20

WHO Director-General Impersonated in Spam Campaign Delivering HawkEye Keylogger and Malware Downloader

Another coronavirus-themed phishing campaign has been detected impersonating the World Health Organization (WHO), or more specifically, the Director-General of WHO, Dr. Tedros Adhanom Ghebreyesus. The campaign was identified by security researchers at IBM X-Force Threat Intelligence who report that several waves of spam have already been delivered. The threat actors behind the campaign are using spam emails to distribute a malware...

Read More
Microsoft Announces Takedown of Necurs Botnet
Mar11

Microsoft Announces Takedown of Necurs Botnet

Microsoft has announced it has seized the U.S. command and control infrastructure of the Necurs botnet and has taken steps to prevent the infrastructure from being recreated. The Necurs botnet is one of the largest spamming and malware distribution networks ever created. The botnet consists of more than 9 million zombie devices that have been infected with Necurs malware and are under the control of the botnet operators. The botnet is...

Read More
Several New Coronavirus-Themed Phishing Scams and Malspam Campaigns Detected
Mar09

Several New Coronavirus-Themed Phishing Scams and Malspam Campaigns Detected

Further email campaigns have been detected that are using the novel coronavirus (COVID-19) outbreak as a lure to spread malware, phish for sensitive data, and fool people into making donations to fake charities. The World Health Organization has previously issued a warning that cybercriminals were using its logos in malicious email campaigns and those campaigns have continued. Campaigns have also been detected impersonating the...

Read More
What is a DNS Filter?
Feb29

What is a DNS Filter?

In this post we explain what a DNS filter is, why DNS filtering is important for cybersecurity, and other advantages of DNS filtering, but first it is useful to explain what the DNS is and why it is essential to the correct functioning of the internet. What is the Domain Name System? The Domain Name System (DNS) is the brainchild of Paul Mockapetris. In 1983, Mockapetris and his team developed the DNS to support the growth of email...

Read More
74% of Phishing Sites Now Use HTTPS
Feb27

74% of Phishing Sites Now Use HTTPS

The latest phishing activity trends report from the Anti-Phishing Working Group (APWG) shows a decline in the number of detected phishing sites after the 3-year high seen in Q3, 2019. Between October 2019 and December 2019, 162,155 phishing sites were detected, down from 266,387 in Q3. In Q4, 2019, the number of phishing site detections was closer to the mean level in 2019. An average of 333 brands were impersonated in phishing...

Read More
Phishers’ Favorite Report Reveals Massive Increase in WhatsApp Phishing URLs
Feb26

Phishers’ Favorite Report Reveals Massive Increase in WhatsApp Phishing URLs

The Q4, 2019 Phishers’ Favorite report from email security firm Vade Secure shows PayPal is the most impersonated brand in phishing attacks, making it two successive quarters at the top of the list. In Q4, 2019, Vade Secure detected 11,392 new PayPal phishing URLs at a rate of 124 new URLs a day. While the number of new PayPal URLs fell 31.2% from Q3, 2019, detections are up 23% on this time last year. Second place went to Facebook,...

Read More
Fresh Warnings Issued About Coronavirus Phishing Scams
Feb18

Fresh Warnings Issued About Coronavirus Phishing Scams

Fresh warnings have been issued about coronavirus phishing scams that are being conducted to steal sensitive data and spread malware. Multiple threat actors are taking advantage of fear about COVID-19 to conduct attacks, and as February has progressed, the number of COVID-19-themed phishing campaigns has increased dramatically. Earlier this month, the U.S. Federal Trade Commission (FTC) issued an alert warning that cybercriminals were...

Read More
Phishing Attack Results in $2.6 Million Loss for Puerto Rico Government
Feb17

Phishing Attack Results in $2.6 Million Loss for Puerto Rico Government

A Puerto Rican government employee has been duped by a phishing scam and wired more than $2.6 million to an account controlled by the scammers. The money had been allocated for remittance payments and was sent to a seemingly legitimate bank account on January 17, but it was later discovered that the transfer was fraudulent. The Puerto Rico government has managed to freeze some of the funds, and efforts are ongoing to recover the...

Read More
BEC Attacks Account for More Than Half of All Losses to Cybercrime
Feb13

BEC Attacks Account for More Than Half of All Losses to Cybercrime

Business email compromise attacks are the most financially damaging form of cybercrime, according to the 2019 Internet Crime Report from the FBI’s Internet Crime Complaint Center (IC3). In 2019, IC3 received 467,361 complaints about cybercrime and victims of those crimes reported losses of $3.5 billion. BEC attacks only accounted for 23,775 of those attacks (5.08%), yet they resulted in losses of $1.77 billion – 50.57% of all reported...

Read More
Threat from Phishing Highlighted on Safer Internet Day
Feb11

Threat from Phishing Highlighted on Safer Internet Day

Today is Safer Internet Day, a global event aimed at promoting safer use of online technology and the creation of a safe and stimulating online environment for everyone. Making the internet a safe and better place for children is a major focus of this year’s events. Initiatives have been launched to promote the benefits of the internet and draw attention to the risks of internet use. The internet can be a dangerous place and...

Read More
Ashley Madison Extortion Scams Show Repercussions from Data Breaches Can Last Forever
Feb04

Ashley Madison Extortion Scams Show Repercussions from Data Breaches Can Last Forever

Almost five years ago, Ashley Madison experienced a massive data breach. Hackers stole the information from 32 million accounts and the data was dumped online. Included in that data set were names, phone numbers, addresses, credit card details, passwords and other sensitive information. That information was used in a plethora of scams, spam campaigns, and many users suffered fraud as a result. There were even several suicides as a...

Read More
Evil Corp Resumes Operations Using New Phishing Tactic to Deliver RAT
Feb03

Evil Corp Resumes Operations Using New Phishing Tactic to Deliver RAT

A hacking group known as Evil Corp, aka TA505, has resumed its malicious activities and has adopted a new phishing tactic for delivering malware. The hacking group has been active since at least 2014 and primarily targets financial institutions and retailers. Large spam campaigns are conducted using the Necurs botnet. Evil Corp was targeted by law enforcement in the United States in late 2019 with U.S. authorities offering up to $5...

Read More
Beware of Coronavirus Themed Phishing Attacks
Jan31

Beware of Coronavirus Themed Phishing Attacks

The novel coronavirus that originated in the province of Wuhan in China has now spread to other countries, with Japan and Thailand the worst affected so far with 14 cases. People are naturally worried about infection and with good reason. More than 200 people are known to have died so far. In Japan, people have been receiving emails warning of new infections in their prefectures. The emails have file attachments that appear to be...

Read More
55% of Organizations Were Successfully Phished in 2019
Jan27

55% of Organizations Were Successfully Phished in 2019

Phishing is the most common method of attacking organizations and it continues to cause problems for IT departments and considerable losses for organizations. A new report from Proofpoint has revealed the extent of phishing and how often the attacks succeed. The data for the report came from a survey of more than 3,500 working adults and 600 cybersecurity professionals in Australia, France, Germany, Japan, Spain, the United States,...

Read More
CISA Warns of Increase in Emotet Malware Activity
Jan24

CISA Warns of Increase in Emotet Malware Activity

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning over an increase in Emotet malware activity. The Emotet botnet sprung back to life on January 13, 2020 with largescale spamming campaigns detected spreading the Emotet Trojan. The Emotet Trojan is a modular malware that serves as a banking Trojan, information stealer, and malware downloader. The Trojan can move...

Read More
Microsoft Database of 250 Million Records Exposed Online
Jan23

Microsoft Database of 250 Million Records Exposed Online

Microsoft has announced that one of its databases has been accidentally exposed online. The database could over the internet without the need for authentication. The database was found by security researchers at Comparitech, who reported the security issue to Microsoft. Microsoft immediately secured the database and launched an investigation to determine how long the data had been exposed and whether it had been accessed by...

Read More
TitanHQ’s Web and Email Security Solutions Now Available for Pax8 Partners
Jan22

TitanHQ’s Web and Email Security Solutions Now Available for Pax8 Partners

Pax8, the multi-award-winning cloud distribution company, has formed a new strategic partnership with TitanHQ, the leading provider of cloud-based email and web security solutions for managed service providers serving the SMB market. In order to block an increasingly diverse range of cyberthreats and effectively mitigate risk, a layered approach to security is required. Cybersecurity solutions need to be used to protect mobile...

Read More
Microsoft Takes Down 50 Phishing Domains Used by North Korea-Backed Threat Group
Jan02

Microsoft Takes Down 50 Phishing Domains Used by North Korea-Backed Threat Group

Microsoft has sought help from the courts to take down domains used by the North Korea-backed hacking group, Thallium (APT37). After securing the court order from the U.S. District Court for the Eastern District of Virginia, 50 that were being used by the hacking group to attack the United States have now been seized. Microsoft’s Digital Crimes Unit (DCU) and Threat Intelligence Center (MSTIC) have been tracking the activity of the...

Read More
SpamTitan Scores Big on Business Review Websites
Dec16

SpamTitan Scores Big on Business Review Websites

TitanHQ is the leading provider of cloud-based email security to Managed Service Providers (MSPs) serving the SMB market and its email security solution, SpamTitan, is well loved by SMBs and MSPs alike. SpamTitan is consistently rated highly by end users on the leading business software review sites and is routinely awarded scores in excess of 4.5 out of 5 by end users, with a high percentage giving top marks across all rating...

Read More
Microsoft Issues Warning About Spear Phishing Attacks
Dec03

Microsoft Issues Warning About Spear Phishing Attacks

Phishing attacks have been increasing steadily throughout 2019. Most of the phishing emails being sent are part of large campaigns sent randomly using huge lists of email addresses, but not all. Some of the campaigns are far more targeted and are sent to only a handful of individuals – To individuals in a specific department in a company, for instance. Some of the attacks are even more targeted and are just sent one person. These...

Read More
Google Sent 12,000 Warnings About State-Sponsored Phishing and Hacking Campaigns in Q3, 2019
Nov29

Google Sent 12,000 Warnings About State-Sponsored Phishing and Hacking Campaigns in Q3, 2019

A recent report from Google’s Threat Analysis Group (TAG) has shed light on the extent to which government-sponsored hacking and phishing campaigns are being conducted. In Q3, 2019, Google sent more than 12,000 warnings to users about state-sponsored phishing campaigns. These hacking, phishing, and disinformation campaigns have remained steady over the past two years, with a similar number of warnings issued in the corresponding...

Read More
Phishing Attacks at Highest Level Since 2016
Nov20

Phishing Attacks at Highest Level Since 2016

A new report from the Anti-Phishing Working Group (APWG) shows phishing attacks are occurring at levels not seen since 2016. The quarterly phishing reports from APWG are compiled from data supplied by APWG members such as Agari, MarkMonitor, RIskIQ, and PhishLabs. The reports provide insights into the methods used by phishers and the extent to which businesses and consumers are being attacked. In Q3, 2019, more than 86,000 unique...

Read More
New Phishing Campaign Detected Targeting Office 365 Administrators
Nov19

New Phishing Campaign Detected Targeting Office 365 Administrators

PhishLabs has identified an ongoing phishing campaign targeting Office 365 administrators. The aim of the campaign is to obtain Office 365 admin credentials. Phishers face several challenges. Their own domains are likely to have a low trust score, which makes it easy for antispam solutions to identify their messages as malicious. To get around this issue, they need to obtain the credentials for a legitimate email account on a clean...

Read More
CISA Issues Warning About Holiday Season Scams
Nov12

CISA Issues Warning About Holiday Season Scams

‘Tis the season to be jolly, especially if you are a scammer. In the run up to holiday season, cybercriminals go into overdrive and are ready and waiting to take advantage of the millions of online shoppers looking to secure a bargain. Holiday season scams are plentiful, highly varied, convincing, and often successful. This year, the U.S. government is warning consumers to be on high alert for holiday season scams that aim to obtain...

Read More
Ministry of Justice Phishing Scam Uses Subpoena Notification as Lure
Nov07

Ministry of Justice Phishing Scam Uses Subpoena Notification as Lure

A new phishing campaign has been detected that uses subpoenas from the UK Ministry of Justice as a lure to get users to click a link that triggers the download of a malicious Word document that installs the Predator the Thief information stealer. As with countless other phishing campaigns, the emails use fear and urgency to get users to take action. The emails appear to have been sent from a Ministry of Justice email account, include...

Read More
Office 365 Phishing Scam Uses Offer of a Pay Rise as a Lure
Nov05

Office 365 Phishing Scam Uses Offer of a Pay Rise as a Lure

A new phishing scam has been detected targeting Office 365 users which attempts to convince employees to visit a website hosting a phishing form using an offer of a pay rise as a lure. According to Cofense, the emails used in the campaign spoof a company’s HR department and appear to have been sent internally. This is achieved through the manipulation of the nickname that is displayed by the mail client. The emails contain a link to a...

Read More
Proofpoint Acquires ObserveIT in $225 Million Deal
Nov05

Proofpoint Acquires ObserveIT in $225 Million Deal

The Sunnydale, CA-based cybersecurity firm Proofpoint has announced it has entered into a definitive agreement to acquire the data loss prevention (DLP) and insider threat management firm ObserveIT for $225 million. For several months there has been speculation that Proofpoint will be moving into DLP to better protect its clients from sophisticated cyberattacks and insider threats. The announcement has confirmed that that those...

Read More
Office 365 Users Targeted with Phishing Emails Containing Incomplete Voicemail Messages
Oct31

Office 365 Users Targeted with Phishing Emails Containing Incomplete Voicemail Messages

A phishing campaign has been identified targeting Office 365 users that includes an incomplete voicemail message as a lure to get them to visit a malicious website and enter their Office 365 credentials. The emails have been crafted to appear as automated messages from Microsoft that require “immediate attention.” The messages include a summary of the call and voicemail message, such as the telephone number, the date the message was...

Read More
Phishing Campaign Identified Targeting NGOs and United Nations
Oct29

Phishing Campaign Identified Targeting NGOs and United Nations

A sophisticated spear phishing campaign has been identified by security researchers at Lookout Inc. that is targeting the United Nations and nongovernment organizations (NGOs). The spear phishing campaign has targeted United Nations officials, the Red Cross, Red Crescent societies the Heritage Foundation and other NGOs. It is not known who is behind the campaign, but the malicious sites are hosted in Malaysia on IPs that have...

Read More
7.5 Million Adobe Creative Cloud Users Warned of Data Breach
Oct28

7.5 Million Adobe Creative Cloud Users Warned of Data Breach

Adobe has announced that a vulnerability has exposed the private information of approximately 7.5 million Adobe Creative Cloud users. The information was contained in an Elasticsearch database, which could be accessed by anyone via a web browser without any authentication required. Fortunately, only basic customer information was exposed. No financial information or passwords were stored in the database, only basic information about...

Read More
145 Month Jail Term for U.S. Superior Court Hacker Who Used LASC System to Send Phishing Emails
Oct24

145 Month Jail Term for U.S. Superior Court Hacker Who Used LASC System to Send Phishing Emails

In July 2017, Oriyomi Sadiq Aloba, 33, of Katy, TX, hacked into the computer system of the Los Angeles Superior Court (LASC). Aloba conducted a phishing attack and compromised the email account of a LASC worker. That individual’s email account was then used to send spear phishing emails to other Superior Court employees. The phishing emails included a link to a shared file on Dropbox. Instead, the link directed employees to a website...

Read More
Gartner Peer Insights Customers’ Choice for Email Security for 2019
Oct23

Gartner Peer Insights Customers’ Choice for Email Security for 2019

The Lexington, MA-based email security company Mimecast has been named a Gartner Peer Insights Customers’ Choice for Email Security for 2019. Gartner Peer Insights is a review platform for IT products and services where users of software and services can submit reviews of their experiences with the solutions. The platform includes more than 215,000 verified customer reviews in 340 markets. When sufficient numbers of reviews are...

Read More
Research Universities Targeted by ‘Silent Librarian’ Hacking Group
Oct16

Research Universities Targeted by ‘Silent Librarian’ Hacking Group

The start of the academic year has seen the Silent Librarian (TA407) hacking group launch new phishing campaigns targeting research universities. The hacking group is believed to be backed by the Iranian government and is highly active at the start and end of an academic year. The campaigns were detected by security researchers at Proofpoint and Secureworks, who intercepted several emails containing hyperlinks to malicious websites...

Read More
Business Email Compromise Attacks Increased by 269% in Q2, 2019
Oct09

Business Email Compromise Attacks Increased by 269% in Q2, 2019

Figures from Mimecast show there has been a sharp rise in business email compromise (BEC) attacks in Q2, 2019. Compared to Q1, 2019, BEC attacks increased by 269% in Q2. Business email compromise attacks involve the use of a compromised business email account to conduct attacks on employees within the organization or their customers. The latter are now much more common than CEO fraud attacks, which involve impersonating the CEO and...

Read More
SpamTitan Named Leader in G2 Crowd 2019 Summer Grid Report for Cloud Email Security
Sep19

SpamTitan Named Leader in G2 Crowd 2019 Summer Grid Report for Cloud Email Security

The independent business software review platform, G2 Crowd, has named SpamTitan leader in cloud email security in its Grid Summer 2019 Report. This is the third consecutive quarter where SpamTitan has been named leader in cloud-based email security, and this quarter is joined by Proofpoint Email Security Protection and Barracuda Email Security Gateway. The G2 Crowd Grid reports rate companies based on market presence and customer...

Read More
New IRS Tax Refund Phishing Campaign Distributes Amadey Botnet
Sep19

New IRS Tax Refund Phishing Campaign Distributes Amadey Botnet

A new phishing campaign has been detected targeting U.S. taxpayers offering fake tax refunds. The emails spoof the Internal Revenue Service (IRS) and claim that the recipient is entitled to claim a tax refund. The emails include a “Login Right here” button for users to click to arrange their tax refund together with a one-time password. If the button is clicked, the user will be directed to a spoofed IRS login page where the password...

Read More
Don’t Neglect the Human Factor – Employee Security Awareness Training is Essential
Sep13

Don’t Neglect the Human Factor – Employee Security Awareness Training is Essential

Cybercriminals are attacking businesses by exploiting the weakest link in the security chain – Employees. Attacks exploiting the human factor are far easier to pull off that attempting to find remote code execution vulnerabilities. They are also much quicker and less resource-heavy than brute force attacks. A single phishing email can be all it takes for malware to be installed on a network or for account credentials and sensitive...

Read More
Two Thirds of UK Employees Do Not Receive Regular Email Security Training
Sep10

Two Thirds of UK Employees Do Not Receive Regular Email Security Training

A recent study by cybersecurity firm Tessian suggests two thirds of UK employees do not receive regular email security training in the workplace. Consequently, UK firms face a high risk of experiencing a costly phishing attack or malware/ransomware infection. For the study, Tessian conducted a survey on 1,000 UK workers at firms with more than 100 employees. Only a third of respondents said their employer provided regular security...

Read More
Proofpoint Partners with CrowdStrike to Better Protect Endpoints and Email Systems from Cyberattacks
Sep05

Proofpoint Partners with CrowdStrike to Better Protect Endpoints and Email Systems from Cyberattacks

Proofpoint has announced it has formed a strategic partnership with CrowdStrike to help joint customers improve endpoint security and defend against email -based cyberattacks. CrowdStrike is a leading provider of cloud-delivered endpoint security and Proofpoint has developed a suite of solutions that provide protection from advanced threats and helps identify and address compliance risks. The partnership will initially see...

Read More
43% of UK SMEs Have Experienced an Email Impersonation Attack in the Past 12 Months
Sep04

43% of UK SMEs Have Experienced an Email Impersonation Attack in the Past 12 Months

43% of UK small and medium-sized enterprises (SMEs) in the United Kingdom have experienced a business email compromise (BEC) or email impersonation attack in the past 12 months, according to a new study by data analytics firm, CybSafe. For the study, CybSafe surveyed 250 IT decision makers from SMEs in the United Kingdom and asked about the cybersecurity incidents they had experienced and the measures they have put in place to thwart...

Read More
Google Docs Phishing Campaign Bypasses Email Security Solutions to Deliver TrickBot Trojan
Sep03

Google Docs Phishing Campaign Bypasses Email Security Solutions to Deliver TrickBot Trojan

A phishing campaign has been detected that uses Google Docs to bypass email security solutions and ensure the emails are delivered to end users’ inboxes. The campaign was detected by security researchers at Cofense, who found the emails were bypassing Proofpoint’s email security gateway solution and were not identified as malicious. The scammers use a legitimate Google account to send emails that link to a document on Google Docs. The...

Read More
Digital Extortion and Fileless Malware Attacks Have Soared in 1H, 2019
Sep02

Digital Extortion and Fileless Malware Attacks Have Soared in 1H, 2019

The first 6 months of 2019 have seen significant increases in business email compromise (BEC) attacks, ransomware attacks, and other forms of cyber extortion, according to a mid-year cybersecurity roundup from Trend Micro. The report, titled Evasive Threats, Pervasive Effects, provides insights into the current threat landscape and the main threats currently faced by businesses. Ransomware attacks have increased significantly, but the...

Read More
Phishing Campaign Uses Fake Resumes Used to Deliver Quasar RAT
Aug29

Phishing Campaign Uses Fake Resumes Used to Deliver Quasar RAT

Fake resumes are being used in a phishing campaign targeting HR departments which delivers Word documents containing a malicious macro that downloads the Quasar Remote Access Trojan (RAT), according to Cofense researchers. The Quasar RAT is an open source malware available on GitHub. The malware is used by many APT groups for espionage, network exploitation, logging keystrokes, stealing passwords, recording webcam footage, and taking...

Read More
Multi-Factor Authentication Stops 99.9% of Automated Cyberattacks
Aug28

Multi-Factor Authentication Stops 99.9% of Automated Cyberattacks

A new report from Microsoft suggests 99.9% of all automated cyberattacks on Microsoft platforms and other online services are blocked by multi-factor authentication, highlighting the importance of this security measure for stopping data breaches. Microsoft says that there are more than 300 million fraudulent sign-in attempts to Microsoft cloud services every day and that figure is steadily growing. There are also around 167 million...

Read More
IRS Warns of Phishing Scam Targeting Taxpayers and Tax Professionals
Aug27

IRS Warns of Phishing Scam Targeting Taxpayers and Tax Professionals

The Internal Revenue Service (IRS) has issued a warning to U.S. taxpayers and tax professionals about a new nationwide phishing campaign that is spreading keylogging malware. The emails appear to have been sent by the IRS and alerts taxpayers and tax professionals to an issue with their electronic tax returns. Users are required to click the link in the email to access information about their tax refund. The emails include a hyperlink...

Read More
Researchers Provide Insights into Motivations Behind Healthcare Cyberattacks
Aug22

Researchers Provide Insights into Motivations Behind Healthcare Cyberattacks

A new report from FireEye provides insights into the motivations behind cyberattacks on U.S. healthcare organizations. The report shows patient information is not the only type of sensitive data being sought. There has been a marked increase in cyberattacks on cancer research institutes and medical institutions for the research data they hold. The attacks are being conducted by Advanced Persistent Threat (APT) groups affiliated to...

Read More
Study Highlights Risk of Lateral Phishing Attacks
Aug21

Study Highlights Risk of Lateral Phishing Attacks

Phishing is the use of impersonation to trick another person into disclosing sensitive information. Phishing can take place over the Internet, telephone, or via text message, but email is the most common attack vector. There are many reasons for compromising email accounts and a variety of tactics are used depending on the end goal. With Business Email Compromise (BEC) the aim is to gain access to the CEO’s email account and use it to...

Read More
Custom 404 Pages Used to Serve Fake Microsoft Office 365 Login Forms
Aug19

Custom 404 Pages Used to Serve Fake Microsoft Office 365 Login Forms

A new phishing campaign has been detected by security researchers at Microsoft that uses custom 404 pages to display a fake Office 365 login form. A single domain is used in this campaign and a custom 404 page is created that displays the fake Office 365 login form. The custom 404 page is displayed when any visitor to the website attempts to visit a non-existent web page. Since any URL could be entered to generate the 404 page, the...

Read More
New Threat Intelligence Report Provides Insights into Email-Based Malware Attacks
Aug08

New Threat Intelligence Report Provides Insights into Email-Based Malware Attacks

A new report has been released that contains an analysis of the most common malware threats that are delivered via email, the most targeted industry sectors, and some of the tactics and techniques cybercriminals are using to infiltrate business networks. For its Threat Intelligence Report: Black Hat Edition 2019, Mimecast analyzed more than 67 billion emails that its email security solution rejected from more than 160 billion messages...

Read More
Massive 540+ Website Spoofing Campaign Identified
Aug07

Massive 540+ Website Spoofing Campaign Identified

A massive spoofing campaign has been detected targeting customers of Walmart and other well-known brand which attempts to get them to part with sensitive personal information. The campaign was detected by DomainTools, which identified more than 540 malicious domains that had been set up by the same threat actor. The websites included job sites, online dating sites, movie download sites, and numerous sites targeting fortune 500 brands...

Read More
TitanHQ Partners with Leading UK MSP, OneStopIT
Aug05

TitanHQ Partners with Leading UK MSP, OneStopIT

TitanHQ has announced it has partnered with one of the leading managed service providers in the UK, OneStopIT. Edinburgh-based OneStopIT was formed in 2003 to help small- and medium-sized businesses implement enterprise-grade IT solutions and best practices at an affordable price. Under the new partnership, OneStopIT will be offering its customers protection from email threats with SpamTitan Email Security, web-based threat protection...

Read More
U.S. Utilities Targeted in Phishing Campaign Spreading New RAT
Aug05

U.S. Utilities Targeted in Phishing Campaign Spreading New RAT

U.S. utilities are being targeted in a phishing campaign distributing a new malware variant called LookBack. The spear phishing campaign impersonates a U.S. engineering licensing board and lures recipients into opening an attached Word document. The emails impersonate the U.S. National Council of Examiners for Engineering and Surveying (NCEES) and claim that the recipient has failed an NCEES examination. Further information about the...

Read More
Mid-Year Threat Report Shows Rise in Ransomware-as-a-Service and IoT Malware Threats
Jul28

Mid-Year Threat Report Shows Rise in Ransomware-as-a-Service and IoT Malware Threats

SonicWall’s 2019 Cyber Threat Report shows a there has been a 20% fall in malware attacks in the first half of 2019, but there have been increases in IoT malware, ransomware, cryptojacking, and encrypted threats. Globally, ransomware attacks have increased by 15% in the first 6 months of 2019, with the United Kingdom being increasingly targeted. Ransomware attacks in the UK are up 195% in 2019. The rise in attacks is largely due to...

Read More
Vade Secure Adds Auto-Remediate Feature to its Office 365 Email Security Solution
Jul26

Vade Secure Adds Auto-Remediate Feature to its Office 365 Email Security Solution

Vade Secure has announced it has launched a new email security feature for Managed Service providers (MSPs) to allow them to better protect their clients’ Office 365 environments with minimal management overhead. The new feature – Auto-Remediate for Vade Secure for Office 365 – provides a layer of continuous, automated protection for Office 365 through the use of artificial intelligence and machine learning. Vade Secure uses...

Read More
Phishing Campaign Targets Administrator Credentials with Office Alerts
Jul22

Phishing Campaign Targets Administrator Credentials with Office Alerts

A new phishing campaign has been identified which uses Office 365 admin alerts as a lure to get administrators to click and disclose their login credentials. A hacker can use phishing emails to obtain Office 365 credentials and gain access to an employee’s email account. That account can be used to send further phishing emails to contacts and colleagues. The hacker also has access to sensitive data in emails and email attachments. If...

Read More
Phishing Campaign Uses Fake Office 365 Site to Download Trickbot Trojan
Jul19

Phishing Campaign Uses Fake Office 365 Site to Download Trickbot Trojan

The Trickbot Trojan is being distributed via a new fake Office 365 phishing website. The website is virtually identical to official Microsoft Office 365 site, complete with a realistic looking URL – get-office365[.]live. Nothing appears untoward on the site. Even all the URLs point to webpages on Microsoft domains. However, a few seconds after landing on the site a popup warning will appear from either the Chrome Update Center...

Read More
Phishing Campaign Uses SHTML Files to Redirect Users to Malicious Websites
Jul19

Phishing Campaign Uses SHTML Files to Redirect Users to Malicious Websites

A novel new phishing campaign has been detected that uses an unusual method of directing users to malicious websites that harvest credentials. Phishing campaigns typically use embedded hyperlinks in the message body. Advanced email security solutions can detect and assess the URLs to determine whether they are malicious. To get around this, hyperlinks are often hidden in documents or macros or scripts are hidden in other types of...

Read More
$301 Million Lost to BEC Scams Every Month
Jul18

$301 Million Lost to BEC Scams Every Month

The number of successful Business Email Compromise (BEC) scams has increased significantly over the past two years, according to a new financial trend analysis report from FinCEN. BEC scams involve gaining access to a business email account and using that account to send a request to the payroll or accounts department requesting a wire transfer be made. In order for the scam to work, the compromised account must belong to someone who...

Read More
2019 Beyond the Phish Report Reveals Employees Have Significant Cybersecurity Knowledge Gaps
Jul12

2019 Beyond the Phish Report Reveals Employees Have Significant Cybersecurity Knowledge Gaps

A survey conducted by the Sunnyvale, CA-based cybersecurity company Proofpoint has revealed end users are unsure how to protect sensitive data and lack the skills to identify phishing threats. For the latest Beyond the Phish report, Proofpoint analyzed the responses to almost 130 million cybersecurity questions in 14 categories. The survey was conducted on employees in 16 industries across 20 different department classifications. The...

Read More
City of Griffin Wires $800,000 to BEC Scammers
Jul10

City of Griffin Wires $800,000 to BEC Scammers

A business email compromise attack on the city of Griffin, GA, has resulted in two payments totaling $800,000 being made to accounts controlled by the scammers. Business email compromise (BEC) attacks are scams in which the email account of a company is compromised and used to send a request to the finance department or a third party to make a fraudulent wire transfer payment. Access to the email is usually gained with a spear...

Read More
Phishing-as-a-Service Helping to Fuel Increase in Phishing Attacks
Jul02

Phishing-as-a-Service Helping to Fuel Increase in Phishing Attacks

If a task is time consuming or difficult, there is usually someone willing to offer it as a service. That can now be said of phishing. There are a growing number of criminals offering phishing-as-a-service to help wanna-be criminals conduct phishing campaigns. At the basic level, phishing is a relatively straightforward way of attacking an organization. It is also low cost and requires little in the way of hacking skill. That said,...

Read More
QR Code Phishing Scam Targets Cofense Customers
Jun28

QR Code Phishing Scam Targets Cofense Customers

A new phishing campaign has been detected that uses QR codes to hide the hyperlink to a phishing webpage. Not only does this tactic bypass security solutions that search for potentially malicious URLs, by using a QR code the recipient must switch from the business network to their mobile phone to view the document. The corporate network may have a web filter, sandboxes, and other cybersecurity protections to prevent users from...

Read More
General Catalyst Enters into €70 Million Finance Agreement with Vade Secure
Jun16

General Catalyst Enters into €70 Million Finance Agreement with Vade Secure

Vade Secure has announced it has secured €70 million in funding from General Catalyst. The money will be invested in machine learning technology for its predictive email security solution to improve its threat detection capabilities and for improvements to its email security solution for Office 365. Vade Secure is also planning a major global expansion and part of the finance will be used to expand its global footprint and accelerate...

Read More
Emotet was the Biggest Email Threat in Q1
May31

Emotet was the Biggest Email Threat in Q1

A new report from Proofpoint has confirmed Emotet was the biggest email-based threat in the first quarter of 2019. The popularity of the malware is not surprising. While Emotet was once just a banking Trojan, it can now be used to deliver other malware variants and can even distribute itself automatically by sending copies of itself via spam email on a compromised device. Emotet is now classed as a botnet, as it is being used to...

Read More
TrickBot Trojan Now Using URL Redirects to Fool End Users and Cybersecurity Solutions
May21

TrickBot Trojan Now Using URL Redirects to Fool End Users and Cybersecurity Solutions

The Trickbot banking Trojan is one of the biggest cyber threats faced by businesses. Trickbot is primarily a banking Trojan that is used to obtain login credentials to online bank accounts. The malware can also steal from Bitcoin wallets and harvest email credentials and steal other sensitive data. The malware is one of the most active banking Trojans in use, second only to Emotet. The malware is primarily distributed via spam and...

Read More
International Law Enforcement Operation Shuts Down Goznym Malware Gang
May17

International Law Enforcement Operation Shuts Down Goznym Malware Gang

The international criminal gang behind the infamous Goznym malware has been disbanded following a complex law enforcement investigation in Bulgaria, Germany, Georgia, Moldova, Ukraine, and the United States. The investigation has resulted in indictments for ten defendants, five of whom have been apprehended: Two in Germany, one in Bulgaria, one in Moldova, and the alleged leader of the gang in Georgia. Five Russian nationals involved...

Read More
DHS Cybersecurity and Infrastructure Security Agency Issues Guidelines for O365 Migrations
May14

DHS Cybersecurity and Infrastructure Security Agency Issues Guidelines for O365 Migrations

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a set of guidelines and best practices to help organizations migrate to Microsoft Office 365 and avoid introducing vulnerabilities that could make it easier for cybercriminals to conduct attacks and gain access to Office 365 accounts. There has been a major increase in the number of organizations that have transitioned to...

Read More
Antivirus Tool Used by Dharma Ransomware to Hide Malicious Activity
May10

Antivirus Tool Used by Dharma Ransomware to Hide Malicious Activity

Security researchers at Trend Micro have discovered the threat actors behind Dharma ransomware are using a legitimate AV tool to hide the malicious activities of their ransomware. Dharma ransomware first surfaced in 2016 and has since been used in many attacks on businesses, in particular attacks on healthcare organizations in the United States. The ransomware variant is distributed via spam email which contains a link to a web page...

Read More
Chinese Nationals Charged over 78.8 Million-Record Anthem Inc Hack
May10

Chinese Nationals Charged over 78.8 Million-Record Anthem Inc Hack

The U.S. Department of Justice has announced that two Chinese nationals have been charged over the 2015 hacking of Anthem Inc., and three other cyberattacks on U.S. businesses. In February 2015, Anthem Inc., discovered its systems had been infiltrated. Further investigation revealed the records of 78.8 million plan members had been stolen in what was, and still is, the largest healthcare data breach ever to be discovered. On Thursday,...

Read More
Verizon 2019 Data Breach Investigations Report Reveals Latest Cyberattack Trends
May08

Verizon 2019 Data Breach Investigations Report Reveals Latest Cyberattack Trends

Verizon has released its 2019 Data Breach Investigations Report. The annual report provides an in-depth analysis of global data breaches, new cyberattack trends, and an overview of the current threat landscape. This is the 12th consecutive year that Verizon has produced the report and this year’s instalment is most extensive DBIR report released to date.  Verizon now collects data from 73 sources and included 41,686 reported security...

Read More
Popular Mail Clients Vulnerable to Digital Signature Spoofing Attacks
May01

Popular Mail Clients Vulnerable to Digital Signature Spoofing Attacks

Digital signatures confirm the sender of an email is genuine, that an email is authentic, and has not been intercepted and altered in transit. However, vulnerabilities have been identified in the implementation of digital signature technology in several popular email clients which could be exploited in digital signature spoofing attacks. Were that to happen, the recipient of an email would likely believe the communication is genuine...

Read More
Biggest Malware Threats in Healthcare Revealed
Apr30

Biggest Malware Threats in Healthcare Revealed

A recent report from Malwarebytes has revealed Trojans are the biggest malware threat. Trojans account for 79% of all malware detected on healthcare systems by Malwarebytes. The Emotet Trojan is the leading malware variant, accounting for 37% of all detected Trojans. While the Emotet Trojan was once just a banking Trojan concerned with obtaining credentials to online bank accounts, it has since evolved to include a wide range of...

Read More
Latest Phishing Attack Trends Revealed
Apr26

Latest Phishing Attack Trends Revealed

Proofpoint has released its Q4 2018 quarterly threat analysis which reveals the latest phishing attack trends and provides an insight into the types of individuals being targeted in email attacks. Email attacks on businesses are conducted for a variety of reasons, most commonly to fool employees into installing malware or ransomware, to obtain login credentials, or convince employees to make fraudulent wire transfers or divulge...

Read More
FBI’S 2018 Internet Crime Report Shows Massive Increase in BEC Attack Losses
Apr24

FBI’S 2018 Internet Crime Report Shows Massive Increase in BEC Attack Losses

The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) has released its 2018 Internet Crime Report which shows there was a dramatic rise in losses due to cybercrime in 2018. In 2018, IC3 received 351,936 complaints involving more than $2.7 billion in losses. That represents an increase in losses of more than 92% compared to 2017. 2018 accounted for 36% of all losses from the past five years and complaints about...

Read More
Security Researcher Who Thwarted WannaCry Ransomware Pleads Guilty to Malware Development and Distribution
Apr23

Security Researcher Who Thwarted WannaCry Ransomware Pleads Guilty to Malware Development and Distribution

The security researcher who identified and activated the kill switch in WannaCry ransomware in 2017 and played a critical role in stopping the global attacks has pleaded guilty to helping to develop and distribute banking Trojans. Marcus Hutchins (aka MalwareTech) was initially called a hero for his role in blocking the WannaCry attacks in May 2017; however, in August of the same year, he was arrested by the FBI in the United States...

Read More
Google to Start Blocking Logins from Embedded Browsers to Help Combat MitM Attacks
Apr23

Google to Start Blocking Logins from Embedded Browsers to Help Combat MitM Attacks

Sign-ins to Google from embedded browser frameworks will soon be blocked. Google announced on Thursday, April 18 that the change is being made to improve protections against man-in-the-middle (MitM) attacks. Embedded browser frameworks are often used in phishing attacks to automate user activity. If a user visits a phishing website that spoofs the Google login page and is requested to enter their Google credentials, the attacker could...

Read More
Phishing Attacks Increased by 40.9% in 2018
Apr17

Phishing Attacks Increased by 40.9% in 2018

The 2019 Phishing Trends and Intelligence Report from PhishLabs shows there was a 40.9% increase in phishing attacks in 2018. Attacks increased steadily during Q1 and continued at a high level in Q2 and Q3, with a decline in attacks in Q4. The analysis of attacks shows the tactics used by cybercriminals are constantly changing. New types of attacks were detected in 2018 which exploited changes in the digital landscape. Targets also...

Read More
DHS and FBI Issue Warning About New North Korean Hoplight Trojan
Apr16

DHS and FBI Issue Warning About New North Korean Hoplight Trojan

The U.S Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have both issued advisories about a new Trojan called Hoplight which is being used by the Lazarus APT group. Lazarus is a North Korea-backed hacking group, also known as Hidden Cobra, Zinc, and Nickel Academy. The hacking group primarily uses spear phishing to install malware on high value targets. The group is primarily concerned with...

Read More
A Quarter of Phishing Emails Bypass Office 365 Anti-Phishing Defenses
Apr12

A Quarter of Phishing Emails Bypass Office 365 Anti-Phishing Defenses

Microsoft Office 365 default anti-phishing defenses are bypassed by a quarter of all phishing emails, according to new research from cybersecurity firm Avanan. Avanan conducted a study of 52 million emails which had been assessed by Office 365 Exchange Online Protection (EOP). 25% of phishing emails were determined to be non-malicious and were delivered to inboxes. In addition, a further 5.3% of emails were delivered as they had been...

Read More
Tech Companies Still Not Implementing DMARC to Block Phishing Attacks
Apr01

Tech Companies Still Not Implementing DMARC to Block Phishing Attacks

A recent study by Valimail has revealed only 10.5% of large tech companies have correctly implemented the DMARC email authentication protocol to block phishing attacks that spoof email domains. There are several frameworks and protocols that can be adopted to help prevent domain spoofing and authenticate emails. These are Domain-based Message Authentication, Reporting, and Conformance (DMARC), Sender Policy Framework (SPF),...

Read More
Europol Meets with Industry Leaders to Discuss Ways to Combat Phishing
Apr01

Europol Meets with Industry Leaders to Discuss Ways to Combat Phishing

Europol has hosted a meeting with 70 industry experts to discuss ways to tackle the growing problem of phishing and business email compromise attacks. According to the 2018 Verizon Data Breach Investigations Report, a single spear phishing attack costs a business an average of $1.6 million to resolve. The FBI reports that business email compromise attacks have resulted in losses of more than $12.5 billion since October 2013. To tackle...

Read More
Webinar: New DMARC and Sandboxing Features of SpamTitan Email Security Solution Explained
Mar28

Webinar: New DMARC and Sandboxing Features of SpamTitan Email Security Solution Explained

Cybercriminals are launching ever more sophisticated attacks on businesses, which require more powerful cybersecurity solutions to protect against attacks. One of the most common methods of attack is email and this is an area where security defenses often fall short. Even with robust perimeter defenses, cybercriminals can gain access to business networks by targeting the weakest link: Employees. Phishing attacks are becoming more...

Read More
New Report Identifies Latest Spear Phishing Trends
Mar21

New Report Identifies Latest Spear Phishing Trends

Researchers at email security firm Barracuda have conducted a study to identify current spear phishing trends and the tactics most commonly used to attack businesses and obtain sensitive information. Spear phishing is a highly targeted form of phishing. Campaigns tend to involve low numbers of emails that have been carefully crafted for attacks on a particular industry, company, or individual. Targets are usually researched, and...

Read More
MFA Bypassed in IMAP-Based Attacks on Office 365 and G Suite Accounts
Mar15

MFA Bypassed in IMAP-Based Attacks on Office 365 and G Suite Accounts

Multi-factor authentication can prevent accounts from being accessed if passwords are stolen or obtained using brute force tactics; however, Proofpoint has discovered that multi-factor authentication is being bypassed on Office 365 and G Suite accounts using the legacy IMAP protocol. The IMAP authentication protocol bypasses MFA and attackers are able to avoid being locked out of accounts. The methods used made failed login attempts...

Read More
Healthcare Employees Vulnerable to Phishing Attacks
Mar14

Healthcare Employees Vulnerable to Phishing Attacks

The healthcare industry appears to have more than its fair share of phishing attacks. Barely a week goes by without a major phishing attack being reported by a healthcare provider in the United States. Healthcare organizations are targeted by cybercriminals as they hold valuable data. Healthcare records contain information that can be used for multiple types of fraud and the records sell for big bucks on darknet marketplaces....

Read More
SpamTitan Email Security Solution Now Incorporates Sandboxing and DMARC Authentication
Mar13

SpamTitan Email Security Solution Now Incorporates Sandboxing and DMARC Authentication

SMB and MSP email security solution provider TitanHQ has announced a major update of its SpamTitan email security solution. New features have been added to the solution to provide even greater protection against sophisticated phishing attacks and new malware threats. The new layers of security were applied to the solution this week and are now available to customers at no extra cost. The past few years have seen a major increase in...

Read More
1 in 61 Delivered Emails Contains a Malicious URL
Mar08

1 in 61 Delivered Emails Contains a Malicious URL

A new report from Mimecast has revealed cybercriminals are increasingly using malicious URLs in phishing emails to obtain credentials and deliver malware. Mimecast’s figures show there has been a 126% increase in delivered emails that contain malicious URLs between August 2018 and February 2019. The company has analyzed more than 28.4 million emails that had been determined to be safe by email security solutions and were delivered to...

Read More
New Microsoft Report Details 2018 Phishing Trends
Mar06

New Microsoft Report Details 2018 Phishing Trends

Microsoft’s latest Security Intelligence Report provides information on 2018 phishing trends, the changing tactics of cybercriminals, and ransomware, cryptojacking and malware attack statistics. 2018 Ransomware Trends 2017 saw ransomware attacks dominated the threat landscape; however, as the year progressed ransomware started to fall out of favor with cybercriminals and that trend continued throughout 2018. While ransomware attacks...

Read More
IRS Launches 2019 Campaign to Raise Awareness of Tax Scams with Phishing Warning
Mar05

IRS Launches 2019 Campaign to Raise Awareness of Tax Scams with Phishing Warning

The IRS has launched its annual campaign to raise awareness of tax scams that are highly prevalent during tax season. The Dirty Dozen campaign details 12 common tax scams that taxpayers, tax professionals and businesses need to be aware of and take steps to avoid. In the run up to the deadline for submitting 2018 tax returns, cybercriminals increase their efforts to obtain the personal information of taxpayers. The information can be...

Read More
UConn Health Phishing Attack Impacts 326K Patients
Feb25

UConn Health Phishing Attack Impacts 326K Patients

A UConn Health phishing attack in December has potentially allowed an unauthorized individual to gain access to the health information of hundreds of thousands of patients. The attack was detected on December 24, 2018, and all email accounts were secured to prevent further unauthorized access. It is unclear for how long the attacker had control of the accounts. The breach may have dated back months. During the time that accounts could...

Read More
Businesses Targeted in Ongoing Credential-Stealing Separ Malware Phishing Attack
Feb21

Businesses Targeted in Ongoing Credential-Stealing Separ Malware Phishing Attack

An ongoing phishing campaign is targeting businesses and distributing the information-stealing Separ malware. The campaign has mostly concentrated on businesses in South East Asia and the Middle East, although some businesses in North America have also been attacked. The Separ information stealer has been in use since September 2017, with earlier versions of the info-stealer dating back to 2013. The latest campaign, which uses an...

Read More
Trickbot Trojan Updated to Obtain VNC, PuTTY, and RDP Credentials
Feb19

Trickbot Trojan Updated to Obtain VNC, PuTTY, and RDP Credentials

The Trickbot banking Trojan has been updated with a new module which is capable of obtaining VNC, PuTTY, and remote desktop credentials. The latest variant of Trickbot is being distributed in a tax season-themed phishing campaign involving emails that offer help with recent changes to the U.S. tax code to reduce tax bills. The emails appear to have been sent by the accounting organization Deloitte and have a tax incentive-related...

Read More
FINRA Issues Phishing Warning to Brokerage Firms
Feb19

FINRA Issues Phishing Warning to Brokerage Firms

The Financial Industry Regulatory Authority (FINRA) has issued a warning to brokerage firms about a new phishing campaign. The scam involves spam emails which appear to have been sent from a credit union alerting the brokerage firm to potential money laundering by one of their clients. The email messages appear to have been sent by a BSA-AML compliance officer at a legitimate Indiana-based credit union and contain details of the...

Read More
Phishing Campaign Leverages Google Translate to Steal Google and Facebook Credentials
Feb11

Phishing Campaign Leverages Google Translate to Steal Google and Facebook Credentials

A phishing campaign has been detected that abuses Google Translate to make the phishing webpage appear to be an official login page for Google. The phishing emails in the campaign are similar to many other campaigns that have been run in the past. The messages have the subject “Security Alert” with a message body virtually identical to the messages sent by Google when a user’s Google account has been accessed from an unfamiliar device...

Read More
New BEC Campaign Targets Executives
Feb06

New BEC Campaign Targets Executives

Business email compromise attacks involve the impersonation of a high-level executive, often the CEO or CFO. The attacks often start with a spear phishing email to obtain the credentials of the CEO/CFO. If the credentials are obtained, the email account is used to send requests to employees. During tax season, W-2 Form data for all employees is often requested or requests are sent to the finance department to make wire transfers to...

Read More
Office 365 Phishing Campaign Uses SharePoint Collaboration Request as Lure
Feb06

Office 365 Phishing Campaign Uses SharePoint Collaboration Request as Lure

A single Office 365 username/password combination can give a hacker access to a vast quantity of sensitive information. Information detailed in emails can be of great value to competitors, identity thieves, and other fraudsters. Office 365 credentials also give hackers access to cloud storage repositories that can contain highly sensitive business information and compromised accounts can be used to distribute malware and conduct...

Read More
2019 State of the Phish Report Reveals Increase in Successful Phishing Attacks
Jan29

2019 State of the Phish Report Reveals Increase in Successful Phishing Attacks

The Proofpoint 2019 State of the Phish Report has revealed that while phishing is still used to infect users with malware, 70% of phishing attacks are concerned with obtaining credentials. In the past 12 months there has been a major increase in phishing attacks. The last time the report was produced in 2017, 38% of InfoSec professionals reported having experienced at least one account compromise as a result of a phishing attack in...

Read More
Fake Google Update Installer Used to Install AZORult Trojan
Jan28

Fake Google Update Installer Used to Install AZORult Trojan

Researchers at Minerva Labs have identified a new AZORult Trojan campaign that installs the malware through a fake Google update installer. The AZORult Trojan is an information stealer that can obtain system information, cookies, passwords stored in browsers, browser histories, information from saved files, banking credentials, and cryptocurrency wallets. The malware is also used as a downloader of other malware variants and is...

Read More
Cofense Launches New Managed Security Service Provider Anti-Phishing Program
Jan19

Cofense Launches New Managed Security Service Provider Anti-Phishing Program

A new Managed Security Service Provider (MSSP) program has been launched by Cofense to help MSSPs deliver advanced anti-phishing solutions to their SMB clients to improve protection against sophisticated phishing attacks. Phishing is now the number one cybersecurity threat faced by SMBs. Phishing serves as an easy attack vector for cybercriminals and is one that is often used to gain access to business networks. Phishing is used to...

Read More