In yet another example of a phishing campaign impersonating Microsoft’s voicemail notification, we see an HTML attachment that leads to a credential-harvesting URL. ...
In yet another example of a phishing campaign impersonating Microsoft’s voicemail notification, we see an HTML attachment that leads to a credential-harvesting URL. ...
Regardless of their age, role, or security competency, employees must follow basic practices to protect organization and its data. Training doesn’t have to come in t...
Hackers are using Microsoft Azure Blob Storage to specifically attack Office 365 admins to take over the Office 365 environment. Although windows.net phishing attack...
When 2-factor authentication (2FA) is combined with password managers like 1Password and LastPass, it can help people securely access their personal and work account...
The average person interacts with HTML every day while surfing the internet. Unless they are a UX developer or designer, however, they probably shouldn’t expect to r...
See why phishing has became one of cyber security's most common threats, and what can be done about it. Lots of numbers, percentages, and costs are associated with p...
Microsoft Office 365 is the most popular target and vector for email phishing attacks. Office 365 Security is Microsoft’s best — especially compared to its 30-year c...
Recently, I talked about an unexplored, but potentially devastating issue in InfoSecurity magazine: default Software-as-a-Service (SaaS) configurations. Sure, they'r...
Recently, I analyzed the inboxes of a company representing a typical enterprise account of more than 10,000 email users. I found something alarming. Because of Allow...
Why does conventional email security fail to catch some sophisticated impersonation, spear phishing, credential harvesting, and malware? The rapid adoption of the cl...