Cybersecurity pros think the enemy is winning

Posted on 9th July 2019

Recent research from Malwarebytes, ISSA, and ESG find that security professionals have little confidence in their ability to prevent their organization from being breached. What’s behind this mindset? And how can we turn the tide to stay a step ahead of the criminals?

Security world

Tags: adminsCISOscybercriminalsdata breachesITsecurity professionalsskills shortage

(Read more…)

The post Cybersecurity pros think the enemy is winning appeared first on Malwarebytes Labs.

Read more

The Minefield of Corporate Email

Posted on 7th July 2019

Email security challenges CISOs as cybercriminals target corporate inboxes with malware, phishing attempts, and various forms of fraud.

Read more

The aftermath of a data breach: A personal story

Posted on 2nd July 2019

Criminals used my account to launder credit card transactions into cash, at least where the company transacted with was willing to refund

The post The aftermath of a data breach: A personal story appeared first on WeLiveSecurity

Read more

Impersonation Attacks Up 67% for Corporate Inboxes

Posted on 30th June 2019

Article by Kelly Sheridan, DarkReading Nearly three-quarters of organizations hit with impersonation attacks experienced direct losses of money, customers, and data. Email-based cyberattacks are going up, causing confidence in security defenses to fall as businesses grapple…

Read more

Microsoft Adds 2FA-Protected “Personal Vault” Within OneDrive Cloud Storage

Posted on 26th June 2019

Microsoft has introduced a new password-protected folder within its OneDrive online file storage service that will allow you to keep your sensitive and important files protected and secured with an extra layer of authentication.
Dubbed Personal Vault, the new OneDrive folder can only be accessed with an additional step of identity verification, such as your fingerprint, face, PIN, or a

Read more

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Posted on 25th June 2019

The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images — were available without authentication to anyone with a Web browser.

Read more

Legal Threats Make Powerful Phishing Lures

Posted on 23rd June 2019

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the recipient that he/she is being sued, and instruct them to review the attached file and respond within a few days — or else. Here’s a look at a recent spam campaign that peppered more than 100,000 business email addresses with fake legal threats harboring malware.

Read more

‘Your account has been locked’ – 7 telltale signs of a phishing scam

Posted on 18th June 2019

According to study after study, phishing remains the most efficient attack vector for bad actors to steal your data. Even though attackers have plenty of options, they prefer phishing because it does one thing better than any other method: it tricks victims into partaking in their own attack. Some of the most lucrative phishing emails […]

Read more

Don’t have your account hijacked. Secure your online accounts with more than a password, says Google

Posted on 16th June 2019

Research published at the end of last week argues that the typical user can significantly harden the security of their online accounts by linking a recovery phone number that can send an alert if there is suspicious activity on the account. The research, conducted by a team from Google alongside researchers from New York University […]

Read more

Hackers Breach Stack Overflow Q&A Site, Some Users’ Data Exposed

Posted on 11th June 2019

Note: We have updated this story to reflect new information after Stack Overflow changed its original announcement and shared more details on the security incident.
Stack Overflow, one of the largest question and answer site for programmers, revealed today that unknown hackers managed to exploit a bug in its development tier and then almost a week after they gained unauthorized access to its

Read more

Join our Newsletter

Get updates and the latest scoop in your inbox