Month: August 2024
What happened Proofpoint recently identified a cluster of activity conducting malicious email campaigns using piano-themed messages to lure people into advance fee fraud (AFF) scams. The campaigns have occurred since at least January 2024, and are ongoing. Most of the messages target students and faculty at colleges and universities in North America, however other targeting…
Read More
Background Last year, the Federal Trade Commission (FTC) received more than 330,000 reports of business impersonation scams and nearly 160,000 reports of government impersonation scams. This represents about half of all the fraud reported directly to the FTC. The financial losses due to email impersonation scams are staggering. They topped $1.1 billion in 2023, which…
Read More
The threat landscape moves fast. As new attack methods and social engineering techniques appear, organizations need to maintain security awareness programs that are relevant, agile and focused. Research from Proofpoint for the 2024 State of the Phish report found that most businesses used real-world threat intelligence to shape their security awareness programs in 2023. That…
Read More
When you hear the term “spoofed” email, does business email compromise (BEC) come to mind? It does for many people—especially security leaders. BEC is a form of email fraud, and it has been a top concern for chief information security officers for years. BEC scams are a costly problem. The latest Internet Crime Report from the FBI’s…
Read More
Google has confirmed plans to implement Web Monetization in Chrome, allowing website owners to receive micro-payments as tips or rewards for their content as an additional way to generate revenue. “Web Monetization is a web technology that enables website owners to receive micro payments from users as they interact with their content,” Google explained in…
Read More
Highway 9 Networks, Radical and Cape are among the companies aiming to change the networking game. A cloud-native platform purpose-built for enterprise mobile users and devices driven by artificial intelligence. Solar-powered, autonomous aircraft taking telecommunications to the stratosphere. And a private mobile carrier with nationwide 5G and 4G coverage that promises to block hackers and…
Read MoreApply the stable channel update provided by Mozilla to vulnerable systems immediately after appropriate testing. (M1051: Update Software)o Safeguard 7.1 : Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.o…
Read More
A global stop-payment mechanism created by INTERPOL successfully recovered over $40 million stolen in a BEC attack on a company in Singapore. INTERPOL says this is the largest recovery of funds stolen through a business email compromise (BEC) scam. BEC scams are a type of cyberattack in which cybercriminals attempt to redirect legitimate corporate payments to an…
Read MoreToday, CISA and the Federal Bureau of Investigation (FBI) have released Secure by Demand Guide: How Software Customers Can Drive a Secure Technology Ecosystem to help organizations drive a secure technology ecosystem by ensuring their software manufacturers prioritize secure technology from the start. An organization’s acquisition staff often has a general understanding of the core…
Read More
Black Hat USA 2024 kicks off Aug. 3 at Mandalay Bay in Las Vegas with training sessions, followed by a series of summits on Aug. 6, including the CISO Summit, with sessions on quantifying the cost of cyber risk, navigating regulatory complexity, and rebuilding after a cyber crisis, among others. But the big show rolls…
Read More