News & Press

Researchers have identified a new business email compromise (BEC) group that has been impersonating legitimate attorneys, law firms and debt recovery services in order to trick accounting employees into paying fake invoices.

Big Law firms including Kirkland & Ellis, Dentons, and Clifford Chance among others have been targeted by a business email phishing group that uses a sophisticated typosquatting approach to trick recipients. Scammers in the group, named “Crimson Kingsnake,” impersonate lawyers from prominent law firms in emails with invoices for overdue payment of services, a report says. Abnormal Security said it has identified 92 domains linked to the threat actor, all similar to genuine law firm sites.

The identity of 19 law firms and debt collection agencies, including BigLaw outfits like Hogan Lovells and White & Case, have been used in a business email compromise scam identified.

A business email compromise (BEC) group dubbed 'Crimson Kingsnake' has recently been spotted impersonating well-known international law firms to trick recipients into approving overdue invoice payments.

A new threat group called Crimson Kingsnake is impersonating real law companies and debt recovery services to intimidate businessess into paying bogus overdue invoices.

A business email compromise (BEC) group named 'Crimson Kingsnake' has emerged, impersonating well-known international law firms to trick recipients into approving overdue invoice payments.

Prominent venture capital firm Madrona Venture Group today released the latest edition of its IA40 list, an annually published list of 40 promising intelligent application startups.

Now that the hybrid and remote working models have forever changed IT environments for security teams, it’s become more challenging than ever for security pros to determine what passes for normal behavior.

The system says it is working with law enforcement and cybersecurity experts. Some hospitals have rescheduled patient appointments and some systems are offline.

Criminals have found a novel way to intercept wire transfers for down payments. Can a small team of Secret Service agents prevent your worst real estate nightmare?

A new and particularly sneaky business email compromise (BEC) campaign has been spotted that sees victims forwarded an email chain, seemingly coming from their boss, instructing them to send on funds.

Turkey-based threat group Cobalt Terrapin has been deploying a more sophisticated business email compromise campaign involving both vendor and executive impersonation since July, ZDNET reports.

Business email compromise scammers are getting savvier with their lures - and new attack groups are emerging.

A strategy to prevent data breaches and minimize damages from compromised systems is not only essential but also in need of continual updating. Attacker techniques, and the tools that are available to thwart them, are always evolving. Here are 10 of the innovators who are working to shape the future of breach prevention.

While ransomware seems stalled, business email compromise (BEC) attacks continue to make profits from the ProxyShell and Log4j vulnerabilities, nearly doubling in the latest quarter.

John Scrimsher, Chief Information Security Officer (CISO) at Kontoor Brands, shares how he built and developed the company’s cybersecurity program

After suffering a breach earlier this month, the ride-share platform Uber said last week that it believes the infamous hacking group Lapsus$ was behind the attack.

The APWG’s Phishing Activity Trends Report reveals that in the second quarter of 2022, the APWG observed 1,097,811 total phishing attacks — the worst quarter for phishing that APWG has ever observed

Nicole Jiang, director of product and design at email security company Abormal Security, said when she joined the company in 2018, she was the eighth employee and many of the people didn’t really have experience in cybersecurity.

The partnership follows the recent appointments of new regional leaders within Abnormal Security, with Maiwand Youssofzay named as country manager for ASEAN and Matt Campbell as head of Partners and Alliances across Asia Pacific.

Facebook lead-generation forms are being repurposed to collect passwords and credit card information from unsuspecting Facebook advertisers.

Plex issued password reset notices after detecting a data breach after an unauthorized party accessed a user account information database and accessed a limited subset of data.

As it continues on its digital transformation journey, Belron’s Anthony Foust explains how the company’s cyber capabilities are leading the way.

About $4 million in federal funding intended for housing assistance in Kentucky was stolen after someone directed that money to a private bank account, officials of the City of Lexington said.