Tag: email

August 27, 2019

Researchers have identified a never-before-seen threat group targeting Middle East critical infrastructure organizations with novel malware, sent via spearphishing emails. The threat group, LYCEUM, was observed in 2019 sending spear phishing emails harboring malicious Microsoft Excel attachments to oil and […]

August 16, 2019

A targeted spearphishing campaign has hit an organization in the energy sector – after using a savvy trick to get around the company’s Microsoft email security stack. According to Aaron Riley, a researcher from Cofense, the campaign impersonated the CEO […]

August 1, 2019

Money intended for the construction of a brand new high school was instead placed in a bank account controlled by scammers by officials of a North Carolina county. Cabarrus County in North Carolina, home to NASCAR races at the Charlotte […]

July 18, 2019

Microsoft has shown off the first voting system to make use of its ElectionGuard technology, which is designed to prevent tampering with elections, while revealing some alarming statistics about how many normal people – not just business customers – have […]

June 18, 2019

Oregon State University announced Friday that hackers potentially made off with 636 student records and family records of students containing personally identifiable information (PII), after a successful email attack in early May. This comes on the heels of email-based breaches […]

June 13, 2019

Whether it’s from Apple fans, embedded marketing people, or actual developers, applause is an oft-heard feature of any keynote at Apple’s Worldwide Developers Conference. Yet the loudest applause at this year’s conference came not for some shiny feature, but for […]

June 12, 2019

Lake City has warned citizens that administrative systems, including email and credit card systems, are down following a ransomware attack on the Florida municipality. The attack, called “Triple Threat” in a press release issued by the city, reportedly combined three […]

June 11, 2019

Microsoft is warning of a fresh email campaign that distributes malicious RTF files boobytrapped with an exploit dating back to a 2017 vulnerability, CVE-2017-11882. The exploit allows attackers to automatically run malicious code without requiring user interaction. “The CVE-2017-11882 vulnerability […]

June 11, 2019

This wasn’t the first time the chief financial officer of email security vendor Agari had been targeted in a business email compromise (BEC) scam. As with the first incident in August 2018, three months later Agari’s software tool flagged a […]

June 10, 2019

Security researchers at Qualys Common discovered a remote command execution vulnerability in older versions of mail transfer agent (MTA) Exim — a critical, open source piece of the email infrastructure in many organizations. An MTA functions much like a router […]

May 21, 2019

Despite implementation bugs that might affect the security of physical security keys, they are the strongest protection against phishing currently available, Google maintains. On-device prompts and SMS codes are also extremely successful at blocking account hijacking attacks effected via automated […]

May 21, 2019

I travel frequently for business — to industry conferences such as RSA Conference and Black Hat and meeting with clients. Whenever I travel, I bring my work laptop, my personal cellphone enabled with work email and calendar, and, of course, […]

May 14, 2019

Although phishing has been around in various forms since the 1990s, recent news has shown that it continues to evolve – and remains a major threat. These days, phishing tactics are so sophisticated it can be difficult to spot a […]

April 24, 2019

Workers in R&D/Engineering are the most heavily targeted group of employees within organizations, a new Proofpoint report says, and lower-level employees are at a higher risk of email-borne cyber threats than higher-level management roles and executives. Who is being attacked? […]

April 15, 2019

Over the weekend Microsoft confirmed that a “limited” number of Outlook.com webmail accounts had been compromised, allowing hackers to access users’ email addresses, folder names, subject lines, and the names of other email addresses with whom they corresponded. The tech […]

April 5, 2019

Spearphishing campaigns from new and established business email compromise (BEC) gangs are stealing from companies using multiple tactics. A wave of business email compromise (BEC) campaigns targeting direct-deposit payroll information demonstrate once again that sophisticated technical skills aren’t necessary when […]

February 22, 2019

It’s like polymorphic behavior – only the changes are in the email lures themselves, with randomized changes to headers, subject lines, and body content. A new email Trojan campaign spotted by security researchers has added another twist in evasive attacker […]

February 20, 2019

Phishers have come up with another trick to make Office documents carrying malicious links undetectable by many e-mail security services: they delete the links from the document’s relationship file (xml.rels). The trick has been spotted being used in a email […]

February 7, 2019

Tensorflow, Google’s open-source machine learning framework, has been used to block 100 million spam messages. Google reports Gmail is blocking 100 million extra spam emails per day following the implementation of Tensorflow, its open source, machine-learning framework, to supplement existing […]

February 6, 2019

Criminals are taking advantage of Gmail’s ‘dots don’t matter’ feature to set up multiple fraudulent accounts on websites, using variations of the same email address, Agari says. Some cybercriminals are taking advantage of a long-standing feature in Google Gmail designed […]