Jamf plans to buy startup ZecOps to extend its ability to detect and respond to sophisticated threats across Mac, iOS and Android devices. Jamf's proposed acquisition will provide threat hunting tools to determine if any advanced attacks have compromised mobile devices.
Vista Equity Partners has joined Thoma Bravo in the take-private cybersecurity spree, offering to buy security awareness training behemoth KnowBe4 at a $4.22 billion valuation. KnowBe4 says it has received a nonbinding offer from Vista of $24 per share for the shares not currently owned by Vista.
Credential phishing attacks represent a huge threat to organizations as a well-crafted (or even somewhat realistic-looking) phishing email can trick an employee into providing login credentials.
In our threat report covering data from January-June 2022, Abnormal Security found a 48% increase in email attacks over...
The latest ISMG Security Report discusses a new phishing-as-a-service toolkit designed to bypass multifactor authentication, the decision by Lloyd's of London to exclude nation-state attacks from cyber insurance policies, and challenges at Okta after it acquired customer identity giant Auth0.
With attack surface sprawl and growing numbers of vulnerabilities to address, security and IT teams are increasingly challenged to meet remediation targets. To overcome this problem, teams need an automated way of identifying and correlating the highest risk vulnerabilities with the right remediation steps.
Cloud collaboration suites like Microsoft 365 are critical to business success, but have become significant entry points for potential exploitation. Just as your team relies on email and collaboration tools to accomplish their goals, so too do sophisticated threat actors. And while the built-in security of Microsoft...
Research by Dun & Bradstreet says business identity fraud jumped 254% in 2020. Tools can help prevent this fraud but may create greater friction, say Andrew La Marca, senior director at Dun & Bradstreet, and Ralph Gagliardi, agent in charge, High Tech Crimes Unit, Colorado Bureau of Investigation.
Signal says 1,900 of its customers have been affected by the recent phishing attack on its third-party vendor Twilio. Signal says phone numbers and SMS verification codes of 1,900 customers are compromised, potentially transferring access of these accounts to the attackers.
The average person believes using Multi-Factor Authentication (MFA) makes them significantly less likely to be hacked. That is simply not true! Hackers can bypass 90-95% of MFA solutions much easier than you would think. Using a regular looking phishing email, they can bypass MFA just as easily as if it were a simple...
It feels like we hear about a new devastating cyberattack in the news every day, and attack methods seem to be proliferating at an exponential rate. So, which tactics should you be aware of beyond standard “click and infect” attack vectors?
Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist and...
Twilio, which runs a customer engagement platform used by thousands of businesses, says that its employees were tricked via SMS phishing messages into giving attackers their login credentials, resulting in the theft of information on customers, as well as their customers and end users.
"Credential phishing is off the charts," says Tonia Dudley of Cofense. She discusses the challenge for organizations to strike a balance between having the right controls in place to block malicious emails and stopping the business from receiving legitimate emails.
Phishing is no longer restricted to just emails. As attackers broaden their arsenal, businesses today also need to be on the lookout for impersonation attempts via SMS text messages or voice calls, says Roger Grimes, a data-driven defense evangelist at KnowBe4.
If you think the only way your network and devices can be compromised via email is phishing, think again!
A majority of data breaches are caused by attacks on the human layer, but email hacking is much more than phishing and launching malware. From code execution and clickjacking to password theft and rogue forms,...
Police in Nigeria this week arrested a 37-year-old man who's been charged with masterminding "a criminal syndicate tied to massive business email compromise and phishing campaigns," Interpol says. But with known BEC losses last year exceeding $2.4 billion, will the arrest have a noticeable impact?