Are Corporate Emails MORE secure than Personal Emails?

Key insights from our BEC (Business Email Compromise) Study using 50K emails counterchecked with HaveIbeenPwned.com.     Key Insights based on the chart above Business Emails are relatively safer Majority (20,924) are not compromised (Null) Still, 16,689 appear in external breaches and 5,856 in personal exposures. This suggests that while many business emails remain safe, …

Quantifying the cybersecurity risk from BEC (Business email compromise)

Understanding the source of Business email compromise is only the first step. The next challenge is quantifying the risk to an enterprise when employee email accounts appear in one, two, or even multiple breaches. A single exposure might reveal basic credentials, but repeated compromises across different platforms often provide attackers with a fuller picture—combining passwords, …

Why Business Emails Get Compromised—Even Without Phishing Clicks or Malware

A common question in cybersecurity circles is: How can business email accounts be compromised even when the user never clicks a phishing link or downloads malware? To explore this, we analyzed 50,000 email addresses from across Asia Pacific, New Zealand, and Australia. Each address was checked against HaveIBeenPwned.com to determine whether it had been exposed, …

DarkCloud Stealer: Inside a Sophisticated Malware Campaign Using AutoIt

Introduction Unit 42 researchers have recently uncovered an advanced phishing campaign leveraging DarkCloud Stealer, an information-stealing malware active since 2022. This malware uses complex evasion techniques, including AutoIt scripting, to bypass security mechanisms and extract sensitive user data. Here’s a breakdown of how this stealthy malware operates and what you can do to protect your …

Achieving (Cyber) Herd Immunity

In the realm of public health, herd immunity is a powerful concept where a significant portion of a community becomes immune to a disease, thereby protecting those who are not immunized. This principle can be applied to cybersecurity, where widespread adoption of robust security measures can create a similar protective effect. By encouraging industry peers …