Business email compromise continues to be a significant threat and is one of the most financially damaging online crimes. Attackers continue to innovate and grow in sophistication, which means defenders need to leverage new technology, warned Mike Britton, CISO of Abnormal Security.
As the digital landscape evolves, security teams need skills and training platforms that can provide the right resources for an organization "by showing what someone has got in terms of skills, without necessarily fully relying on their CVs," said Jess Burn, senior analyst at Forrester.
The cyber insurance landscape has evolved significantly over the last 10 to 15 years. Initially, renewals were relatively straightforward, but with the rise of cyberthreats such as ransomware, the market has shifted dramatically to reduce risk exposure.
Belarus state-linked hackers are targeting government and military entities in both Ukraine and Poland with spear-phishing campaigns that deliver remote access Trojans. Ukrainian authorities say the adversary is focusing on information stealing and remote control of targeted systems.
Security experts say China-based hackers are "leading their peers in the deployment of zero-days" in the wake of another wide-ranging attack that abused a flaw in Microsoft Outlook and used forged authentication tokens to access email accounts of governments in the United States and Western Europe.
Over five dozen British academics joined a widening group of technology firms and privacy groups in criticizing a U.K. government bill aimed at protecting children from online harassments by weakening encryption. In an open letter, they said the bill is "doomed to fail."
Cloudflare and Check Point joined Proofpoint and Microsoft atop Forrester's email security rankings, while Trend Micro, Barracuda Networks and Mimecast tumbled from the leaders category. A number of security vendors have gotten into email protection in recent years by acquiring CAPES startups.
Cisco plans to make its third tuck-in cybersecurity acquisition of 2023 to protect email, cloud office applications and enterprise communications through natural language understanding. Cisco will take advantage of Armorblox's predictive and generative AI to help customers bolster their security.
Cisco Security Executive Vice President and General Manager Jeetu Patel said the industry struggles to address multifaceted attacks that originate in email and include bad links, malware downloads to a device and more. Cyber defenders need correlated data from multiple sources of telemetry, he said.
Expel, CrowdStrike and Red Canary held steady atop Forrester's MDR rankings, while Secureworks and Binary Defense tumbled from the leaders category. Providers have turned their attention from maximizing their efficacy at detecting ransomware to finding faster and better ways to respond to attacks.
Data443 has bought Cyren's threat intelligence, URL categorization and email security technology out of bankruptcy for up to $3.5 million. Buying Cyren's anti-spam, virus outbreak detection, IP reputation, URL filtering and Threat InDepth data feeds will boost Data443's existing product portfolio.
Business email compromise, end-user education, forensic archiving and recovery can be confounding to SMBs that lack the resources for a traditional secure email gateway. The rise of cloud-based email offerings means that SMBs can now get the same level of email protection without using a gateway.
Check Point's product sales have taken their biggest nosedive since 2018 as customers extend sales cycles and postpone projects while prospects decline to buy new products. The company said businesses have increasingly delayed product refresh projects since November in an effort to tighten budgets.
Threat actors are exploiting the ongoing economic downturn by using job-themed phishing and malware campaigns to target job seekers and employers to steal sensitive information and hack company recruiters. Researchers advise companies to be wary of attachments and URLs.
The Royal ransomware group targeting critical infrastructure in the United States and other countries is made up of experienced ransomware attackers and has strong similarities to Conti, the infamous Russia-linked hacking group, according to a new alert issued by U.S. authorities.