Acquiring Area 1 Security has allowed Cloudflare to extend its network protection capabilities from DDoS attacks to phishing emails, says co-founder and CEO Matthew Prince. Area 1's technology means customers will enjoy a better rate of detection with fewer false positives than legacy offerings.
Expel has released its latest quarterly threat report, which looks at continued identity-based attacks and the impact of MFA fatigue. Jon Hencinski shares insights on attack trends, gaps in compensating controls and what to look for in pre-ransomware activity.
Permira's $5.8 billion acquisition of Mimecast has allowed the email security vendor to make product and technology investments that don't provide an immediate financial return. Several buyers expressed interest in taking Mimecast private, and CEO Peter Bauer is glad the firm ended up with Permira.
Successful account takeovers are one of the most common ways that organizations end up with attackers in their systems. But strong authentication can thwart even the most clever phishing campaigns, says Brett Winterford, regional chief security officer for APJ at Okta.
Join us for an informative webinar session as we dive into the hard truth of phishing attacks. Phishing has evolved to be more precise and deceptive than ever before, with the influx of mobile devices, screen sizes and many other sophisticated schemes tricking users into divulging information that can compromise...
Emails encrypted through Microsoft Office are vulnerable to attacks that can reveal the original content of messages due to shortcomings in the protocol, says WithSecure security researcher Harry Sintonen. Microsoft says it may finally abandon its use of the Electronic Code Book algorithm.
A phishing and fraud prevention vendor has bought a startup founded by Qualys' longtime engineering leader to help organizations more effectively discover and monitor assets. Red Sift says its purchase of Hardenize will help customers assess the security of their digital asset inventory.
Hackers, possibly Chinese, are exploiting Microsoft Exchange zero-day vulnerabilities to apparently implant backdoors and steal credentials. The computing giant says it doesn't yet have a patch, telling systems administrators to instead implement workarounds.
Why is business identity theft increasing, and what are the latest tactics fraudsters are using to scam businesses and gig workers? Eva Velasquez, CEO at the Identity Theft Resource Center, shares her views on how business identity theft has evolved over the years and how to prevent it.
Insurance market giant Lloyd's of London says that starting next year, its cyber insurance policies will no longer cover state-sponsored cyberattacks. But with attribution being inherently tricky, expect this move to be tested in court, says Jonathan Armstrong, a partner at Cordery law firm.
Four ISMG editors discuss how security leaders determine the right level of security for the business, the growing risk of business ID theft to enterprises, and the arrest of a developer suspected of working for cryptocurrency mixing service Tornado Cash, for "facilitating money laundering."
Cloud collaboration suites like Microsoft 365 are critical to business success, but have become significant entry points for potential exploitation. Just as your team relies on email and collaboration tools to accomplish their goals, so too do sophisticated threat actors. And while the built-in security of Microsoft...
Attackers are attempting to reset the passwords of some DigitalOcean customers, the cloud infrastructure provider says. The email addresses of these customers were likely exposed in a data breach involving Mailchimp, which provided transactional email services for DigitalOcean.
Two recent data breach lawsuit settlements by healthcare organizations underscore mounting liability risk stemming from a growing number of lawsuits. Missouri-based BJC Healthcare has agreed to pay up to $2.7 million to settle while Indiana-based Methodist Hospitals is on the hook for $425,000.
The "deliberate actions" of a now-fired senior engineer at Customer.io put at risk email addresses of six client companies, including NFT marketplace OpenSea. The email delivery vendor did not specify how many individuals are now at elevated risk of phishing attacks.