News & Press
While the administration may look to strengthen security against cyberattackers for cloud providers, like Amazon, Microsoft and Google, experts say the onus is on the customer.
Despite sophisticating email threats, many organizations still rely on traditional methods of email security, primarily secure email gateway (SEG) solutions that have failed to keep up with cyber criminals as they have evolved their tactics. While traditional controls are still effective at blocking commodity types of attacks, they simply cannot detect and block the sophisticated and modern attacks that were seeing more of today.
It was shortly after the pandemic struck in March 2020 when Alamada-Contra Costa Transit District realized they had a problem. This is how it happened, said Tas Jalali, AC Transits head of cybersecurity, in an interview with Industry Insider California. I was hired in late 2019, early 2020 to build the cybersecurity practice. At that point, AC Transit was running a traditional security email gateway. I do not want to mention the vendor, but it was not effective; there were a lot of challenges with it.
Pig butchering is a repulsively named, rising investment scam that uses a potent mix of the promise of romance and the lure of making easy cryptocurrency millions against its unsuspecting targets.
Women make up about 24% of the cybersecurity workforce. While the disparity between the number men and women in our industry is shrinking in quantity, it is not in terms of equity. The theme of 2023's International Women's Day is #EmbraceEquity "For International Women's Day and beyond, let's all fully #EmbraceEquity.
More than half of the startups named on Forbes' newest 500-company list of the "Best Startup Employers" in America, including Abnormal Security, are based in the Bay Area.
From high-profile leaders such as OpenAI, DeepMind, and Nvidia to specialists like Signifyd and Voxel, these companies are applying AIs transformative power to an array of tasks.
In this Help Net Security video, Crane Hassold, Director of Threat Intelligence at Abnormal Security, provides insight into the impact of multilingual BEC attacks. They significantly impact global companies that operate in multiple regions and communicate with partners, suppliers, and customers in different languages.
Email security is often overlooked on a macro level, even as business email compromise (BEC) attacks continue to pose a critical threat to business operations. Reports from Abnormal Security and At-Bay revealed the extent of the riskAbnormals report revealed the median open rate for text-based BEC attacks was nearly 28%.
BEC gangs Midnight Hedgehog and Mandarin Capybara show how online marketing and translation tools are making it easy for these threat groups to scale internationally.
Business email compromise attacks are effective and costly - and by using translation tools, attackers are going after a wider range of potential victims.
The threat actors extensively research their target’s responsibilities and relationship with the CEO and create spoofed email accounts that look like real ones.
Abnormal Security today detailed insights into multilingual business email compromise (BEC) attacks in a report, and insights into two actors; Midnight Hedgehog and Mandarin Capybara, who launch these campaigns in multiple languages concurrently.
Researchers reported that they’ve identified two groups using executive impersonation to launch business email compromise (BEC) attacks in at least 13 different languages.
Two business email compromise (BEC) groups have been observed using executive impersonation to conduct attacks on companies worldwide. The findings come from security researchers at Abnormal Security, who have dubbed the threat actors "Midnight Hedgehog," specializing in payment fraud, and "Mandarin Capybara," who is focused on executing payroll diversion attacks.
Business email compromise (BEC) attacks are a major issue and are reckoned to have accounted for over a third of all financial losses from cyberattacks in 2021.
The latest figures from the FBI Internet Crime Complaint Center (IC3) paint a gloomy picture of the rising volume, intensity, and success of email attacks. Every critical infrastructure sector has become vulnerable, and with $43 billion in exposed losses over the past few years, the threat is more prevalent than ever.
Business email compromise (BEC) attacks have increased by 81% in 2022 and 175% over the past two years, while 98% of employees failed to report the threat, according to Abnormal Security.
Email is ubiquitous in the workplace, meaning that -- whether we like it or not -- it's still the key method of communication many of us use for getting things done. Unfortunately, cyber criminals and scammers are highly aware of this fact, and try to exploit our reliance on email by distributing business email compromise (BEC) and other phishing attacks.
Cyber attackers are increasingly using social engineering tactics to lure employees into opening malicious emails and being tricked into providing login credentials, updating bank account information and paying fraudulent invoices, Abnormal Security, an email security provider, said in a new study.
Between July–December 2022, the median open rate for text-based business email compromise (BEC) attacks was nearly 28%, according to Abnormal Security.
Recorded business email compromise (BEC) attacks increased by more than 81% during 2022 and by 175% over the past two years, with open rates on malicious emails also surging, according to Abnormal Security.
New research from NCC Group and Abnormal Security shows clouds and a bit of silver to line them: Ransomware attacks declined last year, but business email compromises increased — massively for smaller businesses — and a third of toxic emails got through their human gateways.
Abnormal Security describes a business email compromise (BEC) gang it calls “Firebrick Ostrich” that performs third-party reconnaissance attacks in the service of subsequent business email compromise (BEC) attacks. The