ISACA's recently published Privacy in Practice 2023 survey report shares new research related to the privacy workforce, privacy skills, privacy by design and the future of privacy. Expert Safia Kazi shares ways organizations can align privacy goals with business objectives.
Cloud email security: It involves new strategies and tools to defend against a new wave of attacks. Arun Singh of Abnormal Security discusses the latest flavor of email attacks and the new Knowledge Bases created to help enterprises increase their education and defensive capabilities.
The losses from phishing and other forms of sophisticated email fraud in 2021 alone totaled over $44 million, and the volume of phishing and email spoofing attacks doubled in 2021. Many malicious data breaches are caused by stolen credentials rather than the installation of malware. In fact, IBM found that in 2021,...
The email attack vector. It may not earn much discussion, but the adversaries take full advantage of it with phishing, BEC and now email platform attacks. Mike Britton, CISO of Abnormal Security, talks about the latest threat trends and how to detect and defend against them.
A hacker selling a data set purportedly containing emails stripped from the FBI's InfraGard public-private cybersecurity forum obtained access by sending an application, which the bureau approved, reports independent cybersecurity journalist Brian Krebs.
What really makes a “strong” password? And why are you and your end-users continually tortured by them? How do hackers crack your passwords with ease? And what can/should you do to improve your organization’s authentication methods?
Password complexity, length, and rotation requirements are the bane of IT...
The 2019 seizure by U.S. law enforcement of online criminal marketplace xDedic is paying dividends for lawyers unrolling prosecutions of accused fraudsters who allegedly obtained compromised credentials from the site. The FBI and IRS estimate that xDedic facilitated more than $68 million in fraud.
Synthetic identity fraud is the fastest-growing financial crime in the country. By combining real and fabricated personal information, a synthetic identity is specifically designed to look and act like a valid identity - until it doesn’t, leaving financial losses and criminal activity in its wake.
The Abnormal Security team just launched a new threat intel site named Abnormal Intelligence. Crane Hassold shares resources available, including an attack library, semi-annual threat intel reports, a glossary and exclusive insights from the Abnormal team.
In this ebook with Information Security Media Group,...
In the latest weekly update, ISMG editors discuss the implications of the former Uber CSO's guilty verdict for the rest of the industry, the growing problem of keyless car theft, and the latest progress toward a passwordless future revealed at the annual FIDO Alliance conference.
Organizations can improve security with modern authentication protocols, but the big message to the marketplace is that FIDO Passkeys give customers more convenience and deliver a consistent user experience, according to panelists on the final day of FIDO Alliance's Authenticate 2022 Conference.
Fraudsters are using tried-and-true tactics such as check washing as well as Zelle scams and a host of insider threats to scam banks and their customers. Frank McKenna, chief fraud strategist at Point Predictive and author, explains why fraud is on the rise and the steps banks can take to stop it.
Multifactor authentication needs to move away from one-time passwords sent via text message and embrace modern standards that prevent man-in-the-middle attacks. Plus, excessive identity challenges online lead to 20% of e-commerce transactions being abandoned, say experts at Authenticate 2022.
Since credential leaks are so common in cybersecurity incidents and breaches, how is it even possible to protect identities? Corey Nachreiner of WatchGuard Technologies shares strategies for how enterprises can upgrade their approach to identity security.