Mimecast Report Reveals Nearly 60% of Companies in UAE and Saudi Arabia Need to Increase Cybersecurity Spending
The State of Email Security Report reveals cyber risk commands the C-suite's focus.
Stay secure with the latest email security updates, best practices, and threat alerts to protect your inbox and sensitive information.
Search across headline titles and summaries.
Background for this topic.
Email is a system for exchanging digital messages, typically using mail servers and clients over a network. In security, it includes both the messages and the accounts, servers, domains, and authentication mechanisms that handle them. Email commonly carries phishing links, malicious attachments, and fraudulent requests for payments or credentials; compromised accounts can also be used to impersonate trusted people and conduct further attacks.
Defenses include filtering and malware scanning, phishing-resistant multifactor authentication, careful handling of links and attachments, and monitoring for unusual login or sending activity. Domain controls such as SPF, DKIM, and DMARC help receiving systems detect messages that are forged or sent without authorization, while encryption protects message contents in transit or at rest when correctly implemented. Security teams should preserve relevant headers and mailbox activity so suspicious messages can be investigated, removed, and used to identify affected accounts and other recipients.
The State of Email Security Report reveals cyber risk commands the C-suite's focus.
The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign
'Serious breach of trust' says ICO, 'stakes too high' for mistakes in cases like this In a classic email snafu NHS Highland sent messages to 37 patients infected with HIV and inadvertently used carbon copy (CC) instead of Blind Carbon Copy meaning the recipients could see each other’s email addresses.…
Malicious toolkit targets misconfigured hosts in AWS and Office 365 A fast-evolving toolkit that can be used to compromise email and web hosting services represents a disturbing evolution of attacks in the cloud, which for the most part have previously been confined to mining cryptocurrencies.…
Business email compromise scams are moving beyond just stealing cash, with some threat actors fooling companies into sending goods and materials on credit, and then skipping out on payment.
If you need extra time to dump RPS, OK, but email from unsupported Exchange servers is blocked till they’re up to date Some Exchange Online users who have the RPS feature turned off by Microsoft can now have it re-enabled – at least until September when the tool is retired.…
A new modular toolkit called 'AlienFox' allows threat actors to scan for misconfigured servers to steal authentication secrets and credentials for cloud-based email services. [...]
Securing your business against BEC Webinar Business email compromise (BEC) is possibly the worst of cybercrimes because it abuses trust. It feeds on relationships carefully nurtured over decades and erodes a confidence which is foundational to cooperation, and progress.…
The Federal Bureau of Investigation is warning companies in the U.S. of threat actors using tactics similar to business email compromise that allow less technical actors to steal various goods from vendors. [...]