phishing
Assessing the email security controls used by 10,000 U.S. state and local election administrators
With fewer than 100 days left until Election Day, a new report from Area 1 Security reveals that states are still in widely varying stages of cybersecurity readiness. Key …
27% of consumers hit with pandemic-themed phishing scams
Phishing is the top digital fraud scheme worldwide related to the COVID-19 pandemic, TransUnion reveals. Among consumers reporting being targeted with digital COVID-19 schemes …
Human error: Understand the mistakes that weaken cybersecurity
43% of US and UK employees have made mistakes resulting in cybersecurity repercussions for themselves or their company, according to a Tessian report. With human error being a …
Cybersecurity teams are struggling with a lack of visibility into key security controls
89% of security professionals are most concerned about phishing, web and ransomware attacks. This is especially alarming, considering that only 48% confirm that they have …
How secure is your web browser?
NSS Labs released the results of its web browser security test after testing Google Chrome, Microsoft Edge, Mozilla Firefox, and Opera, for phishing protection and malware …
Fake “DNS Update” emails targeting site owners and admins
Attackers are trying to trick web administrators into sharing their admin account login credentials by urging them to activate DNSSEC for their domain. Scam emails lead to …
Remote employees encounter 59 risky URLs per week
Working remotely from home has become a reality for millions of people around the world, putting pressure on IT and security teams to ensure that remote employees not only …
Enterprise mobile phishing increased by 37% in Q1 2020
There was a 37 percent increase worldwide in enterprise mobile phishing encounter rate between the fourth quarter of 2019 and the first quarter of 2020, according to Lookout. …
Office 365 users: Beware of fake company emails delivering a new VPN configuration
Phishers are impersonating companies’ IT support team and sending fake VPN configuration change notifications in the hopes that remote employees may be tricked into …
StrandHogg 2.0: Critical Android flaw allows app hijacking, data theft
Google has released a patch for CVE-2020-0096, a critical escalation of privilege vulnerability in Android that allows attackers to hijack apps (tasks) on the victim’s …
Beware of phishing emails urging for a LogMeIn security update
LogMeIn users are being targeted with fake security update requests, which lead to a spoofed phishing page. “Should recipients fall victim to this attack, their login …
Phishers are trying to bypass Office 365 MFA via rogue apps
Phishers are trying to bypass the multi-factor authentication (MFA) protection on users’ Office 365 accounts by tricking them into granting permissions to a rogue …