Phish Fryday – Pentesting and Phishing Defense

Organization seek out security through various means – risk analysis, regulatory compliance, alignment to security frameworks – but can never really be sure they are secure. That’s where pentesting comes in – evaluating security controls through an attack methodology. Given the prevalence of phishing in compromises and breaches, how does pentesting take advantage of this? Here to discuss pentesting and its importance in phishing defense is Soteria co-founder Paul Ihme.

Learn more

Soteria

Questions or comments? Reach us at phishfryday@cofense.com

Discover how cybersecurity awareness training can help your organization defend against changing phishing threats.

Phish Fryday – Beyond the Inbox

Even with users reporting phishing attacks and the best analysis and response tools, there’s a chance someone has already become a victim. Security teams must race the clock to find Indicators of Compromise to identify infected endpoints and spreading malware. In this episode, we’re joined by Alan Rainer, Senior Threat Analyst at Kivu Consulting to discuss how anti-phishing solutions can go beyond the inbox to find and neutralize threats.

Questions or comments? Reach us at phishfryday@cofense.com

Phish Fryday – Q1 2020 Phishing Review

Phishing emails remains one of the top threat vectors used by attackers to breach corporate defenses to inflict harm and make money. Each quarter, Cofense Intelligence analyzes vast quantities of phishing attacks both reported by customers and discovered in other proprietary sources. In this episode, we’re joined by Cofense Cyber Threat Intelligence Analyst and lead author of our Q1 2020 Phishing Review, Aaron Riley.

Resources:

Cofense Q1 2020 Phishing Review

Cofense Intelligence

Questions or comments? Reach us at phishfryday@cofense.com

Learn more about how phishing awareness training can help your organization defend against changing phishing threats.

Phish Fryday – Pragmatic Threat Intelligence

Cybersecurity professionals are noted for their suspicious nature. They have to have it. But, whereas we can imagine a million threat vectors, there’s only so much time in the day and we’re forced to prioritize where we spend our resources protecting our organization. That’s where phishing threat intelligence comes in. Active threats and tactics – seen in the wild – can be more important to your organization’s defense than all the 0-days your mind can imagine. To discuss the pragmatic application of threat intelligence is Cofense Manager of Intelligence Solutions Engineering, Wes Smiley.

Resources:

Cofense Intelligence

Questions or comments? Reach us at phishfryday@cofense.com

Discover how phishing awareness training can help your organization defend against changing phishing threats.

Phish Fryday – Phishing Defense

Phishing attacks are different than other attacks – they tend to be technology light and social manipulation heavy. Defending against these attacks requires a unique set of skills and tools. In this episode we speak with Cofense Director of Product Management Pete Smith to discuss the tools and skills needed for effective phishing defense.

Questions or comments? Reach us at phishfryday@cofense.com

Discover how cybersecurity awareness training can help your organization defend against changing phishing threats.

Phish Fryday – Remote Work Security

The current COVID-19 pandemic has organizations scrambling to setup remote work options for their employees. As technology is hastily rolled out and policies are updated, anxious users are looking for guidance and support. Threat actors, taking advantage of the situation, are using this gap in information to execute successful phishing campaigns. In this episode, we speak with Cofense Co-founder and CTO Aaron Higbee and Cofense Security Solutions Advisor Tonia Dudley to discuss attacks we’re seeing as well as some tips to protect your workforce.

Mentioned in this episode:

WebEx Phishing Campaign

Remote Work Infocenter

Questions or comments? Reach us at phishfryday@cofense.com

Discover how phishing awareness training can help your organization defend against changing phishing threats.

Phish Fryday – Phishing Trends from the Front Lines

Phishing threat actors constantly tweak and tune their attacks to evade secure email gateways to reach user inboxes. When that happens, your best users will report those attacks to security, giving you a jump on neutralizing the threat. In this episode, we speak with Ashley Tran, Threat Analyst in Cofense’s Phishing Defense Center, about the threats she and her team have been seeing lately as customers report the latest attacks.

Mentioned in this episode:

YouTube Phishing Redirects

Coronavirus Infocenter

Questions or comments? Reach us at phishfryday@cofense.com

Discover how cybersecurity awareness training can help your organization defend against changing phishing threats.

Phish Fryday – Threat Intelligence in Phishing Defense

Cyber defense goes beyond following a book of best practices. It requires awareness of current threats and how to defend against those threats, otherwise the amount of “what ifs” will overwhelm a security team. In this episode, we speak with Mollie MacDougall, Intelligence Product Manager at Cofense, about the role of threat intelligence in phishing defense.

Mentioned in this episode:

Cofense Intelligence

Questions or comments? Reach us at phishfryday@cofense.com

Discover how cybersecurity awareness training can help your organization defend against changing phishing threats.

Phish Fryday – Cyber Insurance and Risk Management

Risk management is more than just ensuring bad things don’t happen. There are some risks that can’t be adequately mitigated and organizations look to risk transference, such as insurance, to help protect them. In this episode, we speak with Darren Thomson, head of Cyber Security Strategy at CyberCube, to discuss the role of cyber insurance in cyber risk management.

Mentioned in this episode:

CyberCube

Questions or comments? Reach us at phishfryday@cofense.com

Discover how cybersecurity awareness training can help your organization defend against changing phishing threats.

Phish Fryday – Phishing and Ransomware in Healthcare

While phishing attacks and ransomware affect all industries, healthcare is particularly vulnerable. Medical equipment running outdated software, limited budgets, and a need to provide lifesaving actions without delay increase cyber risk beyond the confidentiality demands of HIPAA. In this episode, we speak with Gerald Auger, a Security Architect with the Medical University of South Carolina about the challenges the healthcare industry faces.

Mentioned in this episode:

Wood Ranch Medical closes due to ransomware attack

Health Industry Cybersecurity Practices

Questions or comments? Reach us at phishfryday@cofense.com

Discover how cybersecurity awareness training can help your organization defend against changing phishing threats.