Social media threats targeting enterprises more than doubled last year. Attacks on the retail industry specifically have grown, as threat actors are targeting victims with impersonation and counterfeit ad campaigns. Purchasing behavior is increasingly influenced by social media, making it an attractive vector for these kinds of campaigns. The tendency of social media users to...

As the world becomes more and more dependent on online resources to complete daily tasks, such as work meetings, grocery shopping, and even exercising, the risk of cyber attacks, data breaches, and information stealing increases. If you’re not already protecting your personal information online, now is the perfect time to start, as Data Privacy Weeks kicks off today.Led by the...

Over the course of my technical career, I’ve always thought of Oauth2 to, frankly, be a bit of a pain. Oauth2 offers a mind boggling amount of possibilities and is the basis of many authorization workflows.However, I have found the documentation and supporting examples of how to integrate Oauth2 somewhat lacking. I hope that someone out in the ether will find this blog post and...

Office 365 phishing emails come in common patterns. I'll list them here and also cover Office 365 anti-phishing features for prevention, detection, and response. Today, the typical Office 365 phishing emails direct users to fake Office 365 Sign-in pages. The victim submits their credentials, effectively handing over their password. Fraudsters use that login to access the...

Amid a troubling rise in zero-day phishing attacks, recent research suggests that some companies may be making an ill-advised shift away from blocking advanced email threats to responding to them post-delivery. If true, the capitulation couldn't come at a worse time. Since January, cybercriminals taking advantage of the COVID-19 outbreak have been targeting businesses and...

You’ve heard the statistics…more than 70% of all business users will be provisioned with cloud office applications in the next two years, including email. It’s an overdue modernization that eliminates physical infrastructure to drive cost savings and integrate services for improved productivity Chasing this move, cybercriminals intent on account takeover are evolving their...

Editor's Note: This post originally appeared on the Microsoft Security blog and has been republished here.  You already know that email is the number one attack vector for cybercriminals. But what you might not know is that without a standard email security protocol called Domain Message Authentication, Reporting, and Conformance (DMARC), your organization is open to the...

Enterprise email architecture is evolving, which is good news for cybercriminals. Legacy secure email gateways (SEGs) simply don't provide full protection from today’s evolving and costly attacks, and cloud-based email requires a new security approach. In contrast, the next generation of email security—the AI-powered Secure Email Cloud—gives organizations more comprehensive...