Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Trustwave’s MailMarshal received a major update this month with the addition of PageML to the Blended Threat Module. The BTM enables the email security solution to conduct in-depth, real-time scans when a URL in an email is clicked to determine if the URL is malicious. PageML boosts the BTM’s ability to detect malicious URLs by one-third by applying machine learning techniques to page content in real time. The new scanning feature is named PageML, short for Page Machine Learning.

At the end of 2021 Cloudflare launched Security Center, a unified solution that brings together our suite of security products and unique Internet intelligence. It enables security teams to quickly identify potential security risks and threats to their organizations, map their attack surface and mitigate these risks with just a few clicks. While Security Center initially focused on application security, we are now adding crucial zero trust insights to further enhance its capabilities.

In recent years, phishing attacks have become increasingly sophisticated and are now being conducted through various messaging platforms such as Telegram. Telegram is a popular messaging app that allows users to send messages, photos, videos, and other files over the internet. It also provides APIs that allow developers to create custom bots and applications. Unfortunately, these same APIs can be used by malicious actors to exfiltrate credentials successfully phished from attacks.

On Friday, March 10, 2023, California state regulators took possession of Silicon Valley Bank (SVB) and appointed The Federal Deposit Insurance Corporation (FDIC) as receivers. SVB was a 40-year-old commercial bank that was an important lender for the tech and venture capital sector. It’s estimated that half of US venture-backed start-ups were customers of the bank.

Netskope Threat Labs is tracking a 17x increase in traffic to malicious web pages hosted on DigitalOcean in the last six months. This increase is attributed to new campaigns of a known tech support scam that mimics Windows Defender and tries to deceive users into believing that their computer is infected.

Overall, while API email security services can provide a valuable layer of protection against email-based threats, they are not foolproof and can have limitations and weaknesses. It is important to consider these weaknesses when selecting and configuring an API email security service.

Spam email is a type of email that is sent in bulk for commercial advertising or phishing. Email scams are also a spam email, where scammers try to trick you into revealing personal information or giving them money. It can be easy to identify spam and phishing scam emails if you know what to look for in fake emails.

Business email compromise (BEC) is a dangerous type of email spoofing that targets businesses, aiming to damage them in some way. Overall, BEC “is one of the most financially damaging online crimes,” according to a joint Cybersecurity Advisory by the Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA).

Willie Sutton, the criminal who became legendary for stealing from banks during a forty year career, was once asked, "Why do you keep robbing banks?" His answer? "Because that's where the money is." However, today there's a better target for robbers today than banks, which are typically well-defended against theft... Cryptocurrency wallets.