Spear phishing is an email-spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information. Continued…
Quote of the Day
“The best way for IT to improve email phishing security is through comprehensive testing, which helps identify which users are susceptible and what type of fake email is most effective.” – Kevin Beaver
LifeLock vulnerability exposed user email addresses to public
A LifeLock vulnerability exposed millions of customers’ email address to anyone with a web browser, according to a report from Brian Krebs, and it jeopardized anyone using the identity theft protection service.
Physical security keys eliminate phishing at Google
Following a requirement for Google employees to use physical security keys, successful phishing attempts were completely eliminated, at least in part, because of the ease of U2F.
Russian intelligence officers indicted for DNC hack
As part of special counsel Robert Mueller’s investigation into Russian interference with the 2016 presidential campaign, a grand jury indicted 12 members of Russia’s GRU for the DNC hack, as well as other malicious activity.
Phishing threats still dwarf vulnerabilities, zero-days
Email security vendor Proofpoint released its Human Factor 2018 report, which details how phishing threats are evolving and still beating enterprise defenses.
Seven factors that make up an effective email phishing test
An effective phishing test should feature emails that include typical phishing indicators, such as misspelled company names. IT pros must have the support of management to effectively run a test, and they should include everyone in the company.
Exploit kits allow non-technical threat actors to do ____ of damage.
A. a lot