Proofpoint and Facebook are in court fighting over how to handle the problem of domains that impersonate well-known brands, highlighting the difficulty in differentiating malicious activity and security awareness.
Criminals pay attention to user demographics to target specific types of users when crafting email-based attacks, a joint study from Google and Stanford found.
The Nigeria Police Force, in partnership with Interpol and Group-IB, has arrested three men suspected of being part of a cybercriminal gang that specialized in business-email-compromise scams.
Attackers are cross-checking stolen Office 365 credentials on Azure Active Directory in real-time after victims type them into a malicious phishing page, researchers from Armorblox said.
Google's Threat Analysis Group discovered one attacker exploiting five separate zero days in several applications last year, a highly unusual attack pattern.