As the global pandemic enters its second year, IT and infosec teams continue to face challenges on all sides. On top of “ordinary” cybersecurity issues, they're dealing with an explosion of pandemic-themed phishing scams and a continued surge in ransomware attacks—all while attempting to transition many users to...
Multi-Factor Authentication (MFA) can be a highly effective way to safeguard your organization’s data, but that doesn’t mean it’s unhackable. And nobody knows that better than award-winning author and Data-Driven Defense Evangelist at KnowBe4, Roger Grimes. While researching his most recent book Hacking...
Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.
Email security provider Cofense and data security firm StrikeForce Technologies both have announced acquisitions. Meanwhile, data protection firm OneTrust received additional funding.
The Ponemon Institute found that today 75 percent of all organizations in the United States are not prepared to respond to an attack. Is yours among them? Maybe.
By leveraging a highly effective combination of human and machine power, SOAR stacks can improve the efficiency of your incident response activities,...
There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organisation’s potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once...
Threat actors are masquerading as business tools and communication platforms to slip past perimeter controls that are programmed to block known threats. Once they make it through, human detection and threat analysis become an integral part of the process to thwart an attack.
When technologies aren’t programmed to...
Venture capital firm Sequoia Capital confirmed it was recently involved in a "cybersecurity incident," but offered no details on exactly what may have transpired. Cybersecurity teams and law enforcement agencies have been notified.
Since SEGs are missing so many phish, there’s a good chance other technologies - firewalls, anti-virus, and EDR - also aren’t spotting these threats. Such gaps can leave you vulnerable for hours or even days.
Bottom line: you can’t rely on SEGs alone. They’re the first line of defense, not the last...
Why are polymorphic attacks more successful? A campaign that lacks uniformity doesn’t look like a campaign and makes it difficult for security operators to keep rules up to date at the gateway. For many cybersecurity teams who lack bandwidth, finding the full scope of a polymorphic attack to quarantine is...
What really makes a "strong" password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?
For decades, end-users have borne the brunt of the password tyranny, a result of the IT industries'...
A recent phishing campaign tied to an Iranian hacking group known as "Charming Kitten" used SMS and email messages to spread malicious links in an attempt to steal email credentials in the U.S., Europe and the Persian Gulf region, security firm Certfa Lab reports.
Ransomware gangs entered 2020 with a full and dangerous set of weapons at their disposal and then rolled out additional tools such as extortion and new distribution methods, a trend that is expected to continue into 2021.
Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware!
Join us as we explore 10 ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious...
An ongoing spear-phishing campaign is spoofing the official Microsoft.com domain name and targeting users of the company's Office 365 suite, according to security firm Ironscales. Fraudsters are likely using these attacks to harvest credentials.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
