Cyber-crime, Email security, Malware, Phishing, Security
August 27, 2019
Via: Threat PostResearchers have identified a never-before-seen threat group targeting Middle East critical infrastructure organizations with novel malware, sent via spearphishing emails. The threat group, LYCEUM, was observed in 2019 sending spear phishing emails harboring malicious Microsoft Excel attachments to oil and […]
Cyber-crime, Email security, Phishing, Security
August 16, 2019
Via: Threat PostA targeted spearphishing campaign has hit an organization in the energy sector – after using a savvy trick to get around the company’s Microsoft email security stack. According to Aaron Riley, a researcher from Cofense, the campaign impersonated the CEO […]
August 1, 2019
Via: Hot for SecurityMoney intended for the construction of a brand new high school was instead placed in a bank account controlled by scammers by officials of a North Carolina county. Cabarrus County in North Carolina, home to NASCAR races at the Charlotte […]
July 18, 2019
Via: TechRadarMicrosoft has shown off the first voting system to make use of its ElectionGuard technology, which is designed to prevent tampering with elections, while revealing some alarming statistics about how many normal people – not just business customers – have […]
June 18, 2019
Via: Threat PostOregon State University announced Friday that hackers potentially made off with 636 student records and family records of students containing personally identifiable information (PII), after a successful email attack in early May. This comes on the heels of email-based breaches […]
Email security, Mobile, Privacy protection, Security
June 13, 2019
Via: Dark ReadingWhether it’s from Apple fans, embedded marketing people, or actual developers, applause is an oft-heard feature of any keynote at Apple’s Worldwide Developers Conference. Yet the loudest applause at this year’s conference came not for some shiny feature, but for […]
Email security, Hacker, Security, Threats & Malware
June 12, 2019
Via: Hot for SecurityLake City has warned citizens that administrative systems, including email and credit card systems, are down following a ransomware attack on the Florida municipality. The attack, called “Triple Threat” in a press release issued by the city, reportedly combined three […]
Cyber-crime, Email security, Malware, Security, Vulnerabilities
June 11, 2019
Via: Threat PostMicrosoft is warning of a fresh email campaign that distributes malicious RTF files boobytrapped with an exploit dating back to a 2017 vulnerability, CVE-2017-11882. The exploit allows attackers to automatically run malicious code without requiring user interaction. “The CVE-2017-11882 vulnerability […]
Cyber-crime, Email security, Identity theft, Security
June 11, 2019
Via: Dark ReadingThis wasn’t the first time the chief financial officer of email security vendor Agari had been targeted in a business email compromise (BEC) scam. As with the first incident in August 2018, three months later Agari’s software tool flagged a […]
Email security, Security, Threats & Malware, Vulnerabilities
June 10, 2019
Via: Dark ReadingSecurity researchers at Qualys Common discovered a remote command execution vulnerability in older versions of mail transfer agent (MTA) Exim — a critical, open source piece of the email infrastructure in many organizations. An MTA functions much like a router […]
Cyber-crime, Email security, Phishing, Security
May 21, 2019
Via: Help Net SecurityDespite implementation bugs that might affect the security of physical security keys, they are the strongest protection against phishing currently available, Google maintains. On-device prompts and SMS codes are also extremely successful at blocking account hijacking attacks effected via automated […]
Mobile security, Network security
May 21, 2019
Via: Security IntelligenceI travel frequently for business — to industry conferences such as RSA Conference and Black Hat and meeting with clients. Whenever I travel, I bring my work laptop, my personal cellphone enabled with work email and calendar, and, of course, […]
Email security, Malware, Phishing
May 14, 2019
Via: Help Net SecurityAlthough phishing has been around in various forms since the 1990s, recent news has shown that it continues to evolve – and remains a major threat. These days, phishing tactics are so sophisticated it can be difficult to spot a […]
Cyber-crime, Email security, Phishing, Security
April 24, 2019
Via: Help Net SecurityWorkers in R&D/Engineering are the most heavily targeted group of employees within organizations, a new Proofpoint report says, and lower-level employees are at a higher risk of email-borne cyber threats than higher-level management roles and executives. Who is being attacked? […]
Email security, Network security, Security
April 15, 2019
Via: Hot for SecurityOver the weekend Microsoft confirmed that a “limited” number of Outlook.com webmail accounts had been compromised, allowing hackers to access users’ email addresses, folder names, subject lines, and the names of other email addresses with whom they corresponded. The tech […]
April 5, 2019
Via: Dark ReadingSpearphishing campaigns from new and established business email compromise (BEC) gangs are stealing from companies using multiple tactics. A wave of business email compromise (BEC) campaigns targeting direct-deposit payroll information demonstrate once again that sophisticated technical skills aren’t necessary when […]
February 22, 2019
Via: Dark ReadingIt’s like polymorphic behavior – only the changes are in the email lures themselves, with randomized changes to headers, subject lines, and body content. A new email Trojan campaign spotted by security researchers has added another twist in evasive attacker […]
February 20, 2019
Via: Help Net SecurityPhishers have come up with another trick to make Office documents carrying malicious links undetectable by many e-mail security services: they delete the links from the document’s relationship file (xml.rels). The trick has been spotted being used in a email […]
February 7, 2019
Via: Dark ReadingTensorflow, Google’s open-source machine learning framework, has been used to block 100 million spam messages. Google reports Gmail is blocking 100 million extra spam emails per day following the implementation of Tensorflow, its open source, machine-learning framework, to supplement existing […]
Email security, Identity theft, Network security
February 6, 2019
Via: Dark ReadingCriminals are taking advantage of Gmail’s ‘dots don’t matter’ feature to set up multiple fraudulent accounts on websites, using variations of the same email address, Agari says. Some cybercriminals are taking advantage of a long-standing feature in Google Gmail designed […]