News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Targeted email attacks on energy and utilities sectors
Targeted email attacks on energy and utilities sector - Image by Sergio Cerrato - Italia on Pixabay

Successful attacks on energy and utility companies such as Colonial Pipeline or Ukrainian Energy Utilities show how far-reaching an attack can be. In many cases, the first steps of the attack take place via sophisticated email attacks. Energy and utility companies are increasingly using digital technologies to manage and integrate complex distributed operations and remote locations such as wind farms, power plants and grids. Successful attacks on energy and utility companies show how far-reaching their impact can be. One example is the May 2021 ransomware attack on Colonial Pipeline, the largest fuel pipeline in the United States. This resulted in a ransom payment of...

Read more

Email vulnerability: BSI warns of SMTP smuggling

Using smuggling, an email can be split and the fake senders bypass authentication mechanisms such as SPF, DKIM and DMARC. While large companies and email service providers Microsoft, GMX and Ionos immediately stopped smuggling, Cisco continues to consider the danger to be a great function, according to the BSI. On December 18, cybersecurity firm SEC Consult released information about a new attack technique using “Simple Mail Transfer Protocol (SMTP) Smuggling.” With SMTP smuggling, attackers take advantage of the fact that different SMTP implementations interpret the marking of the end of an email message differently. SPF, DKIM and DMARC undermined you...

Read more

Increased QR code attacks via email
Increased QR code attacks via email

Check Point security researchers are observing a new type of phishing attack that uses a dangerous QR code. The new “quishing” is becoming more and more prevalent as many users scan the codes without hesitation. The new variant of phishing with QR codes is becoming increasingly popular: quishing or QR code phishing. The actually harmless QR codes are ideal for disguising malicious intentions. A common QR code image can hide a malicious link, which is hardly visible. Since users are used to QR codes, such a code in an email is often not recognized as a threat. Out of…

Read more

QR Codes and Phishing: Quishing Attacks
B2B Cyber ​​Security ShortNews

How cybercriminals abuse QR codes for phishing. The use of technology is constantly evolving to make personal and professional lives more convenient, as evidenced by the quick response code. For example, this two-dimensional barcode allows users to quickly and easily share website URLs and contact information or make payments. However, this technology has also opened up new opportunities for cybercriminals. QR code phishing attacks, also known as quishing, are on the rise and pose a significant threat to users and businesses alike. QR codes for email attacks Hackers are using QR codes in email attacks, to trick recipients into visiting malicious websites…

Read more

Phishing Report Q3: Dangerous personnel emails in trend 
Phishing Report Q3: Dangerous personnel emails in trend

KnowBe3's Q2023 4 global phishing report finds that HR-related email topics continue to be used as a phishing strategy, accounting for more than 50 percent of top email topics. The report shows clear. dangerous trends. The results of KnowBe2023's third quarter 4 phishing report show clear attack trends. They include the most clicked email topics in phishing tests and reflect the use of business-related HR messages as well as popular seasonal messages that can pique employees' interest and influence their workday. Phishing emails – old but dangerous Phishing emails are still one of the…

Read more

DACH: 55 percent victims of spear phishing
DACH: 55 percent victims of spear phishing

In the DACH region, 55 percent of companies have been victims of a spear phishing attack in the last 12 months, according to the new Barracuda Networks Spear Phishing Trends Report 2023. DACH was thus slightly above the average in an international comparison (50 percent). In addition, 24 percent of all companies had at least one email account affected by an account takeover. Cyber ​​criminals send an average of 370 malicious emails from each compromised account. The report includes Barracuda spear phishing data and analysis based on a dataset covering 50 billion emails across 3,5 million mailboxes, including nearly 30 million spear phishing emails. In addition…

Read more

The most dangerous attack method: social engineering
The most dangerous attack method: social engineering

According to Verizon's Data Breach Investigations Report, 74% of security breaches are the result of successful social engineering attacks, bugs, abuse, and other human weaknesses. Also in many companies. A little good news: In the previous year, 82 percent of security breaches were recorded. But 74 percent remain social engineering attacks, according to Verizon's Data Breach Investigations report. The most successful attack method with 50 percent is pretexting, i.e. a social engineering activity with a specific pretext as the trigger. This is a double increase compared to last year. Phishing, phishing, phishing pretexting is...

Read more

E-mail attacks: HTML attachments most dangerous
E-mail attacks: HTML attachments most dangerous

HTML attachments are still the most dangerous file type in email attacks. As a result, attackers are relying more on HTML attachments: their share has doubled in a year, according to Barracuda Networks. Hypertext Markup Language – HTML for short – is used to create and structure content presented online. This often happens in e-mail communication as well. But one can assume that practical, well thought-out technologies are usually also very popular with criminals. And in fact, HTML is an overly welcome attack tool in phishing, for example to disguise the theft of login data. Even more:…

Read more

New AI/ML powered threat protection platform
New AI/ML powered threat protection platform

Proofpoint is bringing a number of new capabilities to its Aegis Threat Protection, Identity Threat Defense, and Sigma Information Protection platforms. These enable organizations to stop malicious email attacks, detect and prevent identity-based threats, and protect sensitive data from theft, loss, and insider threats. The new innovations from Proofpoint also complement the range of the newly founded Identity Threat Defense (formerly Illusive) business unit, in order to flexibly complement and protect productivity solutions such as Microsoft 365 in particular. Aegis Threat Protection Platform The Proofpoint Aegis Threat Protection Platform is an AI/ML-powered threat protection platform that combines modern...

Read more

AI is changing everything we know about email cyberattacks
AI is changing everything we know about email cyberattacks

Generative AI changes attacks and makes them significantly more sophisticated than in the past. It requires a new defense strategy - preferably with a self-learning AI that also recognizes, learns and immediately implements completely new behavioral patterns. A survey by Darktrace of 6.700 employees on how they deal with email in companies. The most recent case shows what a generative AI can do – the collapse of the Silicon Valley Bank (SVB) and the resulting banking crisis. The attackers immediately used the situation to forge highly sensitive communications. To do this, they intercepted legitimate communications in which the…

Read more