The FBI believes that the massive Yahoo! breach started with either a social engineering or spear phishing attack on privileged users according to Ars Technica.

“Malcom Palmore, the FBI special agent in charge of the bureau’s Silicon Valley office, told Ars in an interview that the initial breach that led to the exposure of a half a billion Yahoo accounts likely started with the targeting of a ‘semi-privileged’ Yahoo employee and not top executives.

It’s tax season. That means cyber attacks are in high gear. A trend that started last year and has increased in frequency involves attacks focused on stealing employee W-2 information. The hackers then go on and submit false tax returns, open home equity lines of credit and commit other fraud.

People are your weakest link. That is what the data tell us about cybersecurity risk today. Every day there are more great tools to protect your network, endpoints and applications. Still others expose threat intelligence, more accurately report intrusion attempts and even identify nefarious behavior by insiders.

There are many differences between phishing, spear phishing and social engineering attacks, but they are often used interchangeably and incorrectly. That creates some confusion when people are describing attacks and planning for defense. Understanding these attack types is important.

BBC reported recently that Facebook and Google separately wired over $100 million to a single hacker in Lithuania. While these are global corporate giants, there are lessons for everyone about cybersecurity in 2017.

A lone hacker can cause a big financial loss
No matter how sophisticated your cybersecurity defense, you are at risk
Spear phishing and social engineering bypass network and endpoint security

Cyber Criminals Posing as a Supplier
Facebook and Google really aren’t that special in falling for this type of scam.

The New York Times reported last week that spear phishing attacks have escalated recently targeting nuclear power plants, utilities and manufacturers. The article focused specifically on the threat to nuclear facilities where “spear phishing” was the common cyber attack technique.

A new infographic from Crozdesk illustrates the negative impact a cyber security attack can have on a business. Cyber attacks are becoming more sophisticated and more frequent making companies even more vulnerable. And the consequences are becoming more severe.

Three years ago, Martin Engineering IT Manager Mike Komnick started to see a rise in spear phishing emails. They were supposedly from the CEO and sought to initiate wire transfers. One was even in process, but thankfully, canceled before completion.

Graphus®  is used by organizations of all sizes and various industries. Many of our customers that use Microsoft Office 365 also have implemented Microsoft’s Advanced Threat Protection (ATP) with the goal of protecting their organization from sophisticated cyber attacks.

In a recent DCInno article featuring Graphus, staff writer Samantha Sabin spoke with CEO and co-founder Manoj Srivastava on how the company has created a new email security solution to protect against phishing schemes. Most solutions rely on employee training, but Graphus automatically detects suspicious emails before they can even reach an employee's inbox.