The FBI reported losses attributed to business email compromise (BEC) and Email Account Compromise (EAC) totalling over $26B between July 2016 and July 2019. While the scale of losses is staggering, how to best protect against these type of threats, which don’t normally include malware or detectable malicious intent,
Listen more closely and your network’s metadata will surrender insights the bad guys counted on keeping secret In the 1979 cult classic When a Stranger Calls, a babysitter receives numerous telephone calls from a strange man, only to discover the calls are coming from inside the house! Indeed, the notion of a stranger lurking inside
BEC attacks comprised nearly half of cybercrime losses last year, which totaled $3.5 billion overall as Internet-enabled crimes ramped up. Business email compromise (BEC) attacks cost organizations an estimated $1.77 billion in losses in 2019, reports the FBI, which received a total of 23,775 complaints related to this threat. The FBI’s Internet Crime Complaint Center
A new Mimecast report finds a significant uptick in BEC attacks, malware attachments, and spam landing in target inboxes. Business email compromise (BEC) ramped up 269% from last quarter to this quarter, according to Mimecast’s latest Email Security Risk Assessment (ESRA). This quarter showed a massive spike in emails containing dangerous file types, malware attachments,
A flaw in the OnApp cloud management platform could let an attacker compromise a private cloud with access to a single server. A newly disclosed critical vulnerability in the OnApp cloud orchestration platform could let an attacker compromise an entire private cloud with access to a single server, researchers report. The finding comes from researchers
As BEC continues to drive record-high losses, cybercriminals devise new tactics for swindling corporate targets out of millions. Business email compromise (BEC) continues to evolve as a prominent enterprise threat as cybercriminals adopt new tactics to manipulate employees into sending funds their way. They’ve learned from their mistakes to become more advanced and harder to
Researchers show how simply connecting to a rogue machine can silently compromise the host. Most security professionals know they can use Microsoft’s Remote Desktop Protocol (RDP) to connect to other machines but may not consider how merely using RDP could compromise one. A recently discovered RDP vulnerability could silently compromise a host when it connects
Investigation of the cybercrime group’s attack on an East European bank shows how some attackers require very little time to broaden their access and establish persistence on a network. A security vendor’s investigation of a May 2018 cyberattack on an East European bank has revealed the astonishing speed and sophistication with which some advanced threat
Financial services firms saw upticks in credential leaks and credit card compromise as cybercriminals go where the money is. More than one-quarter of all malware attacks target the financial services sector, which has seen dramatic spikes in credential theft, compromised credit cards, and malicious mobile apps as cybercriminals seek new ways to generate illicit profits.
ShadowHammer campaign latest to highlight dangers of supply chain attacks.
Taiwanese computer maker ASUS may have inadvertently distributed malware to over 1 million users of its systems worldwide after attackers compromised software update servers at the company last year, Kaspersky Lab said in a report Monday. Available telemetry shows the attackers planted the malware,