Category: Email security

September 11, 2023

Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by computer scientists at the University of California San Diego. The issues […]

August 25, 2023

The U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups. It also deemed […]

July 14, 2023

Zimbra has warned of a critical zero-day security flaw in its email software that has come under active exploitation in the wild. “A security vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of […]

July 13, 2023

An unnamed Federal Civilian Executive Branch (FCEB) agency in the U.S. detected anomalous email activity in mid-June 2023, leading to Microsoft’s discovery of a new China-linked espionage campaign targeting two dozen organizations. The details come from a joint cybersecurity advisory […]

February 10, 2023

75% of the organizations had fallen victim to at least one successful email attack in the last 12 months, with those affected facing average potential costs of more than $1 million for their most expensive attack, according to a new […]

February 9, 2023

Between July–December 2022, the median open rate for text-based business email compromise (BEC) attacks was nearly 28%, according to Abnormal Security. Business email and supply chain compromise as attack strategies Additionally, of the malicious emails that were read, an average […]

January 26, 2023

PKWARE has released its newest data discovery and protection solution, PK Secure Email. This Microsoft Outlook add-in automatically discovers sensitive information in email message body, subject line, and attachment and prompts policy-driven protection actions upon sending. Email is a staple […]

January 12, 2023

Cloudflare announced several new zero trust email security solutions, compatible with any email provider, to protect employees from multichannel phishing attacks, prevent sensitive data being exfiltrated via email, and help businesses speed up and simplify deployments. Now, Cloudflare is providing […]

January 6, 2023

Rackspace has completed its forensic investigation into the Dec. 2 ransomware attack that took down its Hosted Exchange Email service and announced that it will discontinue that offering and transition it to cloud-based Microsoft 365. The company said it has […]

December 19, 2022

Google has become the latest company to roll out an encryption upgrade, revealing it Gmail email service is set to get full end-to-end encryption (E2EE) support, but not all users will be able to get it. In an update on […]

December 19, 2022

Armorblox announced the addition of Custom Role-Based Access Controls to its cloud-delivered email security platform to maintain data compliance and reduce data blindspots for individuals across the organization. Not all emails are created equal. On the inbound threat side, attackers […]

November 30, 2022

In 2012, the US Federal Bureau of Investigation (FBI) began investigating an influx of reported fraud incidents involving threat actors rerouting payments to attacker-controlled accounts. In these incidents, victims received seemingly legitimate emails containing requests to alter scheduled payments. The […]

November 16, 2022

Abnormal Security has released Security Posture Management, its newest addition to the product portfolio as the company progresses toward delivering the cloud email security. The latest innovation protects customers from emerging email platform attacks that are increasing in volume and […]

November 15, 2022

A research from Tessian, the State of Email Security Report, found that enterprise email is now the No. 1 threat vector for cyberattacks. According to the report, 94% of organizations experienced a spear phishing or impersonation attack, and 92% suffered […]

October 17, 2022

New research has disclosed what’s being called a security vulnerability in Microsoft 365 that could be exploited to infer message contents due to the use of a broken cryptographic algorithm. “The [Office 365 Message Encryption] messages are encrypted in insecure […]

October 14, 2022

Electronic Codebook encrypts repeated blocks of information with the same ciphertext – meaning that in the supposedly impenetrable gibberish encryption uses to protect information from prying eyes, patterns may emerge. “You can have the correct cipher, a really secure way […]

September 23, 2022

Most mass malicious mailing campaigns are very primitive and hardly diverse, with the content limited to several sentences offering the user to download archives that supposedly contain some urgent bills or unpaid fines. The email messages may contain no signatures […]

September 9, 2022

N-able has introduced Private Portal, an extra layer of email security to help protect critical business data, to N-able Mail Assure. Private Portal, included with Mail Assure free of charge, sends a notification to recipients when they receive an email […]

August 31, 2022

Ransomware gets the headlines, and phishing sets off the most alerts, but business email compromise costs enterprises the most – more than $43 billion since 2016. U.S. Secret Service agents Stephen Dougherty and Michael Johns discuss the criticality of rapid […]

August 24, 2022

While businesses are busy trying to protect themselves against ransomware attacks that spark headlines news, threat actors are sticking to one of the oldest and most effective hacking techniques—business email compromise (BEC). Enterprise security has skewed toward ransomware in recent […]