News & Press

While the administration may look to strengthen security against cyberattackers for cloud providers, like Amazon, Microsoft and Google, experts say the onus is on the customer.

Despite sophisticating email threats, many organizations still rely on traditional methods of email security, primarily secure email gateway (SEG) solutions that have failed to keep up with cyber criminals as they have evolved their tactics. While traditional controls are still effective at blocking commodity types of attacks, they simply cannot detect and block the sophisticated and modern attacks that were seeing more of today.

It was shortly after the pandemic struck in March 2020 when Alamada-Contra Costa Transit District realized they had a problem. This is how it happened, said Tas Jalali, AC Transits head of cybersecurity, in an interview with Industry Insider California. I was hired in late 2019, early 2020 to build the cybersecurity practice. At that point, AC Transit was running a traditional security email gateway. I do not want to mention the vendor, but it was not effective; there were a lot of challenges with it.

Pig butchering is a repulsively named, rising investment scam that uses a potent mix of the promise of romance and the lure of making easy cryptocurrency millions against its unsuspecting targets.

More than half of the startups named on Forbes' newest 500-company list of the "Best Startup Employers" in America, including Abnormal Security, are based in the Bay Area.

Women make up about 24% of the cybersecurity workforce. While the disparity between the number men and women in our industry is shrinking in quantity, it is not in terms of equity. The theme of 2023's International Women's Day is #EmbraceEquity "For International Women's Day and beyond, let's all fully #EmbraceEquity.

Americas Best Startup Employers 2023 was compiled by evaluating 2,600 U.S.-based businesses with at least 50 employees based on three criteria: employer reputation, employee satisfaction and growth. The final list ranks 500 employers.

From high-profile leaders such as OpenAI, DeepMind, and Nvidia to specialists like Signifyd and Voxel, these companies are applying AIs transformative power to an array of tasks.

In this Help Net Security video, Crane Hassold, Director of Threat Intelligence at Abnormal Security, provides insight into the impact of multilingual BEC attacks. They significantly impact global companies that operate in multiple regions and communicate with partners, suppliers, and customers in different languages.

Recommendations include using AI-based email security solutions that can detect communication patterns and conversational-style anomalies.

Email security is often overlooked on a macro level, even as business email compromise (BEC) attacks continue to pose a critical threat to business operations. Reports from Abnormal Security and At-Bay revealed the extent of the riskAbnormals report revealed the median open rate for text-based BEC attacks was nearly 28%.

Mike Britton, CISO for Abnormal Security, brings guest customer Joel Godbout, Cybersecurity Manager at PCL Construction, to discuss Securing Your Cloud Email Platform from Socially-Engineered Attacks.

BEC gangs Midnight Hedgehog and Mandarin Capybara show how online marketing and translation tools are making it easy for these threat groups to scale internationally.

While attacking targets using multiple languages is not new, in the past, these attacks were perpetrated mainly by sophisticated organizations with big budgets and more advanced resources, however a lower barrier to entry now allows threat actors to use Google Translate to instantly translate their malicious emails.

Two business email compromise (BEC) groups have been observed using executive impersonation to conduct attacks on companies worldwide. The findings come from security researchers at Abnormal Security, who have dubbed the threat actors "Midnight Hedgehog," specializing in payment fraud, and "Mandarin Capybara," who is focused on executing payroll diversion attacks.

Abnormal Security today detailed insights into multilingual business email compromise (BEC) attacks in a report, and insights into two actors; Midnight Hedgehog and Mandarin Capybara, who launch these campaigns in multiple languages concurrently.

The threat actors extensively research their target’s responsibilities and relationship with the CEO and create spoofed email accounts that look like real ones.

Business email compromise attacks are effective and costly - and by using translation tools, attackers are going after a wider range of potential victims.

Researchers reported that they’ve identified two groups using executive impersonation to launch business email compromise (BEC) attacks in at least 13 different languages.

Business email compromise (BEC) attacks are a major issue and are reckoned to have accounted for over a third of all financial losses from cyberattacks in 2021.

The latest figures from the FBI Internet Crime Complaint Center (IC3) paint a gloomy picture of the rising volume, intensity, and success of email attacks. Every critical infrastructure sector has become vulnerable, and with $43 billion in exposed losses over the past few years, the threat is more prevalent than ever.

Business email compromise (BEC) attacks have increased by 81% in 2022 and 175% over the past two years, while 98% of employees failed to report the threat, according to Abnormal Security.

Between July–December 2022, the median open rate for text-based business email compromise (BEC) attacks was nearly 28%, according to Abnormal Security.

Cyber attackers are increasingly using social engineering tactics to lure employees into opening malicious emails and being tricked into providing login credentials, updating bank account information and paying fraudulent invoices, Abnormal Security, an email security provider, said in a new study.