Majority of Microsoft 365 Admins Don't Enable MFA

Beyond admins, researchers say that 97 percent of all total Microsoft 365 users do not use multi-factor authentication. Over and above admins, researchers say that 97 % of all full Microsoft 365 users do not use multi-factor authentication. Up to 78 percent of Microsoft 365 ...

Microsoft is the Most-Imitated Brand for Phishing Emails

In a recent study into the brands most frequently spoofed by cyber-attackers to steal personal information, Microsoft came out on top with 19% of all brand phishing attempts - 10 percentage points above the next closest brand.

Phishers Capitalize on Headlines with Breakneck Speed

Marking a pivot from COVID-19 scams, researchers track a single threat actor through the evolution from the pandemic to PayPal, and on to more timely voter scams — all with the same infrastructure.

BEC Attacks: Nigeria No Longer the Epicenter as Losses Top $26B

BEC fraudsters now have bases of operation across at least 39 counties and are responsible for $26 billion in losses annually — and growing.

Account Takeover Fraud Losses Total Billions Across Online Retailers

Account takeover (ATO) attacks are on the rise, and in fact have become a go-to attack of choice cybercriminals of all stripes. In fact, in 2019 alone, ATO attacks cost consumers and e-commerce retailers a whopping $16.9 billion in losses.

Fileless Malware Tops Critical Endpoint Threats for 1H 2020

When it comes to endpoint security, a handful of threats make up the bulk of the most serious attack tools and tactics.

Google Cloud Buckets Exposed in Rampant Misconfiguration

A too-large percentage of cloud databases containing highly sensitive information are publicly available, an analysis shows.

SecOps Teams Wrestle with Manual Processes, HR Gaps

Enterprise security teams are "drowning in alerts." Only about half of enterprises are satisfied with their ability to detect cybersecurity threats, according to a survey from Forrester Consulting – with respondents painting a picture of major resource and technology gaps hamstringing their efforts to block cyberattacks.

QR Codes Serve Up a Menu of Security Concerns

QR code usage is soaring in the pandemic — but malicious versions aren't something that most people think about.

Large Orgs Plagued with Bugs, Face Giant Patch Backlogs

Vulnerability management continues to challenge businesses, as they face tens of thousands of bugs with every scan.

DDoS Attacks Cresting Amid Pandemic

Attacks were way up year-over-year in the second quarter as people continue to work from home.

Sharp Spike in Ransomware in U.S. as Pandemic Inspires Attackers

COVID-19 has changed the face of cybercrime, as the latest malware statistics show.

Apple Knocked Off Perch as Most Imitated Brand for Phishing Attacks

COVID-19 pandemic spurs spoofing preference changes, plus a surge in email-based attacks.

DMARC Adoption Spikes, Higher Ed Remains Behind

As colleges and universities prepare for the fall semester, email protections against surging threats like BEC and phishing are lagging.

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs - A lack of awareness about where and how open-source libraries are being used is problematic, researchers say.