LIVE · cybersecurity feed
email security

Webinar tomorrow: Why modern email attacks require a new approach to defense

zeroday.news·1d ago

A webinar scheduled for July 8th will address the evolving landscape of email-based cyber threats and the limitations of current defense strategies. The event, titled "Stop chasing alerts: Automating email security with behavioral AI," will feature insights from Dan Nickolaisen, Solutions Architect Manager at Abnormal AI, and Eric Danneker, Director of Cyber Vigilance and Defense at Novant Health.

Despite ongoing investments in secure email gateways, multi-factor authentication, and identity protection, organizations continue to grapple with persistent threats such as phishing, business email compromise (BEC), and account takeover (ATO) attacks. These attacks are increasingly sophisticated, leveraging trusted identities, legitimate services, and normal business communications to circumvent traditional security measures, rather than relying on overt malware or suspicious attachments.

Recent analysis has highlighted techniques like Device Code phishing, trusted sender impersonation, BEC, and ATO as common methods employed by attackers to bypass existing defenses. The shared characteristic of these attacks is their exploitation of established trust relationships and legitimate workflows, making them difficult for conventional security tools to detect. This often results in security teams dedicating significant manual effort to investigate suspicious emails and validate user activity, frequently after an attacker has already gained a foothold within an organization.

The webinar aims to explore how behavioral artificial intelligence (AI) can offer a more effective approach to combating these advanced threats. By analyzing communication patterns, behavioral AI can help identify anomalies that deviate from normal organizational activity, thereby enabling the automation of investigations and accelerating response times.

Attendees will gain practical knowledge from security professionals who have adopted behavioral AI solutions. The discussion will cover the operational challenges posed by alert fatigue and the inefficiencies of manual investigation processes. It will also delve into how behavioral AI can streamline detection, investigation, and remediation workflows, ultimately enhancing an organization's resilience against sophisticated email attacks.

The session will provide practical strategies for identifying these evolving threats earlier and reducing the workload on security personnel. Key topics to be covered include the specific ways modern phishing, BEC, and ATO attacks bypass traditional security controls, the continued success of methods like Device Code phishing and trusted sender impersonation, and the detrimental impact of alert fatigue. The webinar will also focus on the practical application of behavioral AI in automating security processes and improving response times.

email securityaiphishingbec
← Back to latest

More News

view all →
zeroday.news · 2h ago·high

China-Linked APT Expands Arsenal With New ‘Leash’ Backdoors

A China-linked advanced persistent threat (APT) group, identified as LapDogs, has reportedly enhanced its malicious toolkit. Security researchers have observed the deployment of three new backdoors: LongLeash, DogLeash, and JarLeash, which are designed to compromise small office/home office (SOHO) routers.

zeroday.news · 2h ago·high

RedWing Android Spyware Sold as a Service on Telegram

A new Android spyware called RedWing is being offered as a service on Telegram, allowing less sophisticated attackers to compromise phones and steal banking information. Researchers have identified it as a polished malware-as-a-service operation with extensive documentation and a subscription model, potentially linked to Russian threat actors. RedWing employs fake login overlays, SMS interception, call forwarding, and even screen control to harvest credentials and conduct further malicious activities.

zeroday.news · 3h ago·high

Operationalizing Day Minus Seven: The Cloud-Native ROC

The article introduces the concept of a Risk Operations Center (ROC) as a necessary evolution for cybersecurity teams facing AI-driven threats. It argues that traditional risk management models are insufficient due to the speed at which AI can discover and exploit vulnerabilities, especially in cloud environments. A ROC, powered by platforms like Qualys Enterprise TruRisk Management (ETM), aims to unify disparate security findings, hyper-prioritize risks based on exploitability and business impact, and enable autonomous remediation to keep pace with attackers.

zeroday.news · 3h ago·critical

Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS

Ubiquiti has released security updates to address several critical vulnerabilities affecting its UniFi product line, including UniFi Connect, Talk, Access, Protect, and OS. These flaws could allow attackers to escalate privileges or execute arbitrary commands on affected devices. While no active exploitation has been reported for these specific vulnerabilities, the company has previously seen its UniFi OS and Edge OS products targeted by threat actors.

zeroday.news · 3h ago·high

Armored Likho Hits Government, Energy Sectors With BusySnake Stealer

Cybersecurity researchers have identified a new threat actor, dubbed Armored Likho, targeting government and energy sectors in Russia, Kazakhstan, and Brazil with a sophisticated phishing campaign. The operation utilizes a custom-built Python infostealer named BusySnake, designed to steal credentials, sensitive documents, and other high-value data. The attackers employ AI-generated payloads to obscure their activities and maintain persistence through various methods, including reverse SSH tunneling.

zeroday.news · 3h ago·critical

Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)

CISA has issued a warning regarding a critical vulnerability (CVE-2026-55255) in the Langflow AI framework, which is being actively exploited by attackers. The flaw allows authenticated users to execute arbitrary flows belonging to other users, potentially leading to the theft of sensitive credentials and data exposure, especially in multi-tenant environments. US federal agencies have been mandated to patch this vulnerability by July 10th.