September 21, 2018 - The Simple Authentication and Security Layer (SASL) is an essential element of online authentication. But are you aware of all the known vulnerabilities? And, more importantly, have you patched them?
September 20, 2018 - Thousands of WordPress sites have been injected with the same malicious redirection. We review the infection details and the malicious traffic leading to browser lockers.
September 20, 2018 - Beyond the medium used to reach you (which is most often email), what are some of the common signs and behaviors of phishing? Conversations that focus on the inbox only leave users with an inadequate understanding of how to protect against this ubiquitous threat.
September 19, 2018 - We've observed a low level spam campaign working its way through Twitter, with just under 2,000 posts visible on public search since September 1. What're they trying to sell this time? Some CBD oil!
September 17, 2018 - A roundup of the security news from September 10–16, including omnichannel fraud, ways to get back at scammers, the security of 2FA, and partnerstrokas.
September 14, 2018 - It isn't tax season for UK (or US) residents, but that hasn't deterred scammers from sending out an HMRC phish double whammy with a tight deadline attached.
September 14, 2018 - Two factor authentication (2fa) was introduced to enhance login security, but does it always work as advertised? Or can it be bypassed?
September 13, 2018 - Tech support scammers belonging to the Partnerstroka group are once again abusing browsers, this time with a new browlock feature to reel in more victims, in one of the biggest campaigns we've ever tracked.
September 12, 2018 - There's a new kind of fraud out there, and it's after organizations that have embraced omnichannel, a strategy that focuses on improved user experience. We take a look at what omnichannel is, the kinds of fraud that can affect businesses using this approach, and how they can protect themselves—and their clients.
September 11, 2018 - We take a look at some of the safe ways to waste a spammer's time, whether by email or telephone.