For organizations worried about phishing attacks and the prospect of losing control over their files the checklist from the Democratic National Committee is a good starting point to improve baseline security practices.
Mining Certificate Transparency logs can help uncover phishing sites using spoofed domain names, but it’s hard to do. Facebook has updated its Certificate Transparency Monitoring tool to notify website owners when their sites are being spoofed for malicious use.
Pawn Storm (aka Fancy Bear) has been attempting to phish webmail accounts for many years now, targeting U.S. senators and political organizations across the world, according to a recent Trend Micro report.
Malicious attacks against U.K. universities have doubled in the past year - find out how to protect against ransomware and phishing attacks that target research data.
A recently patched, high-severity Windows vulnerability, CVE-2017-0199, is being used in phishing attacks to deliver malware to users - hitting 1.5 million users in Q2 of this year.