PCI-DSS takes aim at phishing attacks
The Payment Card Industry Data Security Standard (PCI-DSS) is a globally recognized framework for securing cardholder data managed by merchants and service providers. It outlines rigorous security measures to protect payment card information during storage, processing, and transmission, reducing risks of data breaches and unauthorized access. In its latest update, the PCI Security Standards Council…
Phishing
BreakSPF: How to mitigate the attack
BreakSPF is a newly identified attack framework that exploits misconfigurations in the Sender Policy Framework (SPF), a widely used email authentication protocol. A common misconfiguration involves overly permissive IP ranges, where SPF records allow large blocks of IP addresses to send emails on behalf of a domain. These ranges often include shared infrastructures like cloud…
Boosting email security amid recent Coinbase phishing attempts
In recent weeks, there have been reports of sophisticated phishing attacks disguised as official communication from the cryptocurrency platform, Coinbase. These phishing emails closely mimic Coinbase’s branding and language to build recipient trust and prompt clicks on malicious links. The subject lines of these emails generally follow a format: the sender’s address starts with either…
Strengthening U.S. political campaigns against cyber threats: The urgent need for DMARC implementation
Securing political campaigns from cyber threats has never been more urgent. It is critical to secure communications that handle sensitive exchanges with voters, contributors, donations and coordinate complex operations. Campaigns make exceptionally rich targets for cyber espionage and exploitation, with our open-source research demonstrating that nearly 75% of US Senate campaign websites have not achieved Domain-based…
Behind the Screens: North Korea’s Focus on DMARC in Email Espionage
If you missed our recent virtual fireside chat “Behind the Screens: North Korea’s Focus on DMARC in Email Espionage,” or couldn’t attend due to geographical restrictions, we’ve got you covered. Joined by cybersecurity experts from the Federal Bureau of Investigation (FBI) and Stanford University, together with Red Sift, the session explored how the North Korean…
How to Protect Against Identity-Based Attacks?
As the digital world becomes more reliant on identity-based authorization for users, applications, and devices, it opens up the scope for identity-based attacks. These attacks primarily target the vulnerabilities in identity systems, aiming to exploit or manipulate them for malicious purposes. …