
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p dir=\"ltr\">Despite having enterprise cybersecurity budgets, financial services organizations are, like all organizations, vulnerable to phishing attacks because no solution blocks 100% of phishing emails. The moment an email is blocked, a hacker is making adjustments to increase their chances of success on the next try.</p><p dir=\"ltr\">Sophisticated groups like EvilCorp know their targets, and they know what is protecting them: the security infrastructure that is in place, including email security. Many email security solutions are even visible in a simple MX query. This gives the hacker an advantage. When they know what they are up against, they can find a way to reverse engineer the solution and breakthrough.</p><p dir=\"ltr\">When an email does slip through, even a trained user can mistake a highly sophisticated phishing email for a legitimate email. The OneDrive and SharePoint links in the MirrorBlast campaign add an air of legitimacy to the emails, and the use of a redirect from a legitimate service confuses the email filter.</p><p dir=\"ltr\">It ultimately comes down to two things: invisibility and user training. Your security stack should not be visible to cybercriminals–they will learn how to exploit them, and your users must be trained on the latest threats–not once or twice a year but continually and particularly after they have made the mistake of engaging with a malicious email.</p>