Security News

UC San Diego Health, the academic health system of the University of California, San Diego, has disclosed a data breach after the compromise of some employees' email accounts. UC San Diego Health is one of the nation's best hospitals, being repeatedly ranked as the best health care system in San Diego, according to the 2021-2022 U.S. News & World Report survey.

Microsoft has extended Defender for Office 365 Safe Links protection to Microsoft Teams to safeguard users from malicious URL-based phishing attacks. "With today's announcement, organizations with Microsoft Defender for Office 365 can further protect Microsoft Teams users from malicious phishing attacks that are often orchestrated using weaponized URLs," Microsoft said.

Nearly three-quarters of respondents said their organizations have fallen victim to a phishing attack in the last year, with 40% confirming they have experienced one in the last month. The annualized risk of a data breach resulting from mobile phishing attacks has a median value of about $1.7M, and a long tail of value of about $90M. Hackers are exploiting enterprise security gaps in the Everywhere Workplace, in which remote workers are using mobile devices more than ever before to access corporate data.

Vade released its Phishers' Favorites report for H1 2021, which revealed that there has been a major jump in phishing attacks since the start of the year with a 281 percent spike in May and another 284 percent increase in June, for a total of 4.2 billion phishing emails detected by Vade for June alone. In Q2 2021, Crédit Agricole phishing URLs increased 296 percent, while La Banque Postale URLs increased 831 percent, pushing them up 18 spots to #5 on the list.

Google Chrome now comes with up to 50 times faster phishing detection starting with the latest released version 92, promoted to the stable channel on Tuesday. The phishing site detection speed-up stems from improvements to the Chrome image processing tech used to compare the color profiles of visited websites with collections of signals associated with phishing landing pages.

Automation company Ivanti has surveyed more than 1,000 IT professionals on the effects of phishing at their organizations, and what it has found is grim security news: 74% of companies have fallen prey to phishing in the past year, and 40% became victims in the last month alone. In particular, Ivanti cites the COVID-19 induced shift to remote work as a major reason for increased "Onslaught, sophistication and impact of phishing attacks."

Cofense launched Cofense Protect MSP, a phishing protection solution that's designed for managed services providers tasked with protecting small and medium businesses against phishing attacks. With 96% of all cyberattacks starting with phishing, and 1.5 million phishing websites created every month, MSPs need a solution that is easy to deploy, requires no ongoing maintenance, offers monthly billing, offers a single interface for training and protection technology, and is designed with multi-tenancy functionality - that's Cofense Protect MSP. Cofense Protect MSP pairs Computer Vision that simulates how humans see, with Cofense PhishMe's real-world simulation training.

Half of US organizations are not effective at countering phishing and ransomware threats, Osterman Research research reveals. The study asked respondents to rate their effectiveness in 17 key best practice areas related to ransomware and phishing, ranging from protecting endpoints from malware infection to ensuring prompt patching of all systems.

Coinbase is the largest exchange in the U.S., and researchers have detected numerous phishing campaigns against Coinbase users. Researchers at anti-phishing firm INKY have discovered dozens of current phishing campaigns targeting Coinbase users.

Mimecast announced the Mimecast CyberGraph solution, a new add-on for Mimecast Secure Email Gateway that is engineered to use Artificial Intelligence to help detect sophisticated phishing and impersonation attacks. "Phishing and impersonation attacks are getting more sophisticated, personalized and harder to stop. If not prevented, these attacks can have devastating results for an enterprise organization," said Josh Douglas, VP, Product Management for Threat Intelligence at Mimecast.