A large-scale phishing-as-a-service operation is shifting tactics to allow attackers to avoid anomaly detection by using localized IP addresses, warns Microsoft. The U.S. Secret Service has reported that BEC incidents cost global enterprises more than $43 billion in losses over a five-year span.
While security tools have become more adept at detecting payloads in emails, attacks that lack known indicators and rely instead on impersonation/social engineering tactics are successfully bypassing these traditional controls and reaching inboxes. If an organization’s email security controls are not effective...
While historically the origin of most business email compromise (BEC) attacks has been West Africa, residing in Nigeria certainly isn’t a requirement for BEC attackers. Indeed, the subject of this report is a sophisticated threat group based in Israel.
The group is unique in that they impersonate executives and...
Every year, threat actors look for new tactics to outwit victims and bypass defenses. And 2022 was no different. As businesses rolled out new security controls, cyber criminals found new, sophisticated ways to attack people.
In our ninth annual State of the Phish report, we dive deep into complex new techniques...
Email is your most essential business tool—and today’s top malware delivery vector. This vital communications channel has become fertile ground for today's most damaging cyber threats and all kinds of fraud. Because email threats inherently target people, an effective cybersecurity program focuses on people first....
Email platform attacks are a rising threat, accounting for more than $4 million in losses. There are three common types of attacks including, account takeover and MFA bypass, malicious app integration and over-permissioned apps, and privilege escalation and Insider threats.
Preventing these attacks requires a...
Over a five-year span, reported BEC incidents cost global enterprises more than $43 billion in losses. This trend has the attention of the U.S. Secret Service. Agents Kevin Cooke and Abigail Tyrrell discuss why law enforcement partnerships and speed of response are more critical than ever.
Watch this 45-minute webinar and listen to the conversation where we delve into current threat trends and provide real-world examples of these attacks, enabling you to better prepare for and safeguard your most valuable assets: your data and your people.
The scary fact is that human error is a contributing factor in more than 90% of breaches, and even the world’s most successful organizations have significant weaknesses in their cybersecurity defenses. With so many technical controls in place hackers are still getting through to your end users, making them your last...
A U.S. federal judge sentenced a Nigerian national to four years in prison for running several cyber-enabled schemes aimed at defrauding U.S. citizens out of more than $1 million. The men were arrested four years ago and extradited to Arizona in 2022 from Malaysia and the United Kingdom.
Stung by the FBI's infiltration and takedown of the Hive ransomware group, other ransomware operators have been retooling their approaches to make their attacks more effective and operations tougher to disrupt, says Yelisey Bohuslavskiy, chief research officer at threat intelligence firm Red Sense.
Cybercriminals have been launching attacks against our people, networks, and services for decades with varying success. So, the need to realign our defences to meet the demands of evolving threats is nothing new.
CISOs have faced a broad and varied set of challenges in recent years. Remote environments, increasingly sophisticated threats and expanding supply chains are just some of the many concerns keeping them up at night.
Few tools are as critical to modern business as Microsoft 365. Unfortunately, the platform’s ubiquity and central role in the workplace also make it a prime target for cyber attackers—and often, the primary vector for compromising their victims. It's no wonder experts such as Gartner and Forrester recommend more...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
