email security

Organizations spend 100 hours battling post-delivery email threats
Nearly every victim of a spear-phishing attack in the last 12 months saw impacts on their organization, including malware infections, stolen data, and reputational damage, …

Cybercriminals masquerading as MFA vendors
Cybercriminals are increasingly posing as multi-factor authentication vendors and small businesses are becoming more popular targets, according to VIPRE. Attachment-based …

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)
A vulnerability (CVE-2023-2868) in Barracuda Networks’ Email Security Gateway (ESG) appliances has been exploited by attackers, the company has warned. About …

Malicious links and misaddressed emails slip past security controls
The majority of organizations use six or more communication tools, across channels, with email remaining the channel seen as the most vulnerable to attacks (38%), according to …

Why organizations shouldn’t fold to cybercriminal requests
Organizations worldwide pay ransomware fees instead of implementing solutions to protect themselves. The ransom is just the tip of the iceberg regarding the damage a …

Organizations need to re-examine their approach to BEC protection
BEC attacks are growing year over year and are projected to be twice as high as the threat of phishing in general, according to IRONSCALES and Osterman Research. 93% of …

AI is taking phishing attacks to a whole new level of sophistication
92% of organizations have fallen victim to successful phishing attacks in the last 12 months, while 91% of organizations have admitted to experiencing email data loss, …

An email attack can end up costing you over $1 million
75% of the organizations had fallen victim to at least one successful email attack in the last 12 months, with those affected facing average potential costs of more than $1 …

Cybercriminals exploit volatile job market for targeted email attacks
Between July–December 2022, the median open rate for text-based business email compromise (BEC) attacks was nearly 28%, according to Abnormal Security. Business email and …

Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts
Malicious third-party OAuth apps with an evident “Publisher identity verified” badge have been used by unknown attackers to target organizations in the UK and …

Why encrypting emails isn’t as simple as it sounds
The quality of protected communications matters – a lot. If the sent material is highly sensitive and the legislation and/or policy demands high security, opportunistic …

Rackspace ransomware attack was executed by using previously unknown security exploit
The MS Exchange exploit chain recently revealed by Crowdstrike researchers is how the Play ransomware gang breached the Rackspace Hosted Exchange email environment, the …
Featured news
Resources
Don't miss
- When ransomware strikes, what’s your move?
- SafeLine Bot Management: Self-hosted alternative to Cloudflare
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201)
- When AI agents go rogue, the fallout hits the enterprise