New data shows just how frequently remote users are accessing risky web content that would normally be blocked by firewalls and other network monitoring solutions.
Criminals are abusing SurveyMonkey to host redirect links to an Office 365 phishing page, researchers at Abnormal Security have found. The emails contain links to a real SurveyMonkey ...
On July 3rd just before the holiday weekend, Mount Auburn Hospital's IT team identified suspicious activity. Alarmed, they quickly took steps to disconnect the Cambridge hospital's ...
In a letter to customers, EDP Renewables North America CEO acknowledges the attack occurred back in April of this year, but claims “no evidence” of data theft exists.
Recent updates to the well-known Ransomware-as-a-Service – including the addition of RIPlace – make Thanos a formidable challenge for even well-secured organizations.
While not a new tactic, vishing presents cybercriminals with an attack method that’s perfectly aligned with the pandemic shifts to remote workforces.
New data shows just how much major industries are paying out to remediate successful ransomware attacks, despite guidance to never pay the ransom.
Microsoft Office 365 users are targeted by a new phishing campaign using fake Zoom notifications to warn those who work in corporate environments that their Zoom accounts have been ...
40% of the top twenty universities in the US aren’t using DMARC to mitigate phishing attacks that impersonate the universities’ domains, according to researchers at Tessian. Additionally, ...
Months of quarantine, transitioning to work from home, economic uncertainty, social and political turmoil… it’s easy to see why your employees are amped up, tense and distracted. And the ...
Researchers at Digital Shadows warn that there are more than 15 billion leaked login credentials for sale in online criminal marketplaces. This number is up 300% since 2018, and the ...
California's new AB 375 privacy law is not as bad as GDPR, but the details are still in flux. CCPA does not have some of GDPR's most scary requirements like the very short 72-hour window ...
Gartner observed: "Rapid responses to the coronavirus pandemic leave organizations vulnerable to security breaches. Security and risk teams must remain vigilant and focus on strategic ...
Microsoft announced that the US District Court for the Eastern District of Virginia has ruled that the company can seize six domains that were being used in a widespread phishing ...
“This is a historic shift to the global email threat landscape and portends new and sophisticated social engineering attacks that CISOs around the world must brace for now,” according to ...
Researchers at Cybereason are tracking a sophisticated malware campaign targeting Android devices around the world. The campaign involves a new version of the FakeSpy information-stealing ...
BleepingComputer warns that cybercriminals are using calendar invites to send phishing links to Wells Fargo customers. Researchers at Abnormal Security discovered this phishing campaign ...
Using an old (but supported) Excel filetype, attackers can bypass both Exchange Online Protection and Advanced Threat Protection to run malicious macros.
Larry Abrams at Bleepingcomputer correctly observed: "Corporate victims are finally starting to realize that ransomware attacks are data breaches and have begun to notify employees and ...
