08 Apr 2019

Insights gained from working on more than 750 cybersecurity incidents

A new report by BakerHostetler provides information on various threats and security trends based on 750 potential security incidents that occurred in 2018. The study points to phishing as the most common cause for security incident, which is unsurprising. A more striking finding is that about one in four security

Read More
08 Apr 2019

Hackers beat university cyber-defences in two hours

New research shows that even though educational institutions are highly popular targets for cybercriminals and state-backed hackers alike, universities have very poor security in place. In a recent simulation, penetration testers with Jisc managed to get their hands on “high-value” data belonging to all of the over 50 UK universities

Read More
05 Apr 2019

Document-Based Malware on the Rise in 2019

New research by Barracuda Networks shows that cybercriminals are increasingly distributing malware in the form of malicious documents. In the first quarter of this year, malicious documents made up a whopping 59% of all malicious files detected by the firm. This was only 41% for Q1 of last year, while

Read More
01 Apr 2019

90% of large tech companies vulnerable to email spoofing

A new Valimail survey shows that the vast majority of organizations have not properly implemented open standards for email authentication, leaving 90% of firms vulnerable to spam and phishing attacks involving email spoofing. According to the survey, only 49% of companies keep Domain-based Message Reporting, Authentication & Conformance (DMARC) records,

Read More
29 Mar 2019

Hundreds of compromised WordPress and Joomla websites are serving up malware to visitors

Researchers with Zscaler warn that threat actors are increasingly trying to take advantage of flaws in the immensely popular content management systems (CMSs) WordPress and Joomla in order to get legitimate websites to target users with malicious payloads. In the past month, the researchers detected thousands of attacks, hundreds of

Read More
28 Mar 2019

Microsoft takes control of 99 domains operated by Iranian state hackers

Microsoft has confiscated 99 web domains that were used by Iran-linked hackers to launch global spear-phishing campaigns. The domain names resembled those of popular services offered by Microsoft, Yahoo and other companies and could therefore easily be mistaken for legitimate websites by victims of the campaign. The threat actor behind

Read More
21 Mar 2019

Latest tactics used by cybercriminals to bypass traditional email security

New research by Barracuda sheds light on the evolving strategies used by cybercriminals in email-based spear-phishing attacks. The report distinguishes between three types of spear phishing: brand impersonation attacks, business email compromise (BEC) and extortion. Brand impersonation is the most popular strategy by far, accounting for 83% of attacks. Extortion

Read More
20 Mar 2019

Microsoft Office Dominates Most Exploited List

Recorded Future has released the 2018 version of it’s annual top 10 list of most exploited vulnerabilities. The list contains 8 Microsoft Office vulnerabilities that are being exploited as part of phishing campaigns involving malicious Word and Excel documents. The other two flaws in the list are an Adobe Flash

Read More
18 Mar 2019

Email – The Often Overlooked Cybersecurity Risk

Are silly email mistakes putting your sensitive data and customer PII at risk or in violation of GDPR. Matt Devost breaks down four real life examples that highlight inadvertent email risks.

Read More
18 Mar 2019

Google Took Down 2.3 Billion Bad Ads in 2018

Figures released by Google last week highlight how widespread cybercrime has become. Last year, the company took down 2.3 billion bad ads, 58.8 million of which were phishing ads. 207,000 of the adds were for ticket resellers and over 531,000 for bail bonds. Google stepped up its efforts to fight

Read More