NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources

The U.S. government on Thursday published a new cybersecurity advisory warning of North Korean threat actors’ attempts to send emails in a manner that makes them appear like they are from legitimate and trusted parties. The joint bulletin was published by the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Department […]

Alert: CISA Warns of Active ‘Roundcube’ Email Attacks – Patch Now

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), relates to a cross-site scripting (XSS) flaw that stems from the handling of linkrefs in […]

How to steal Windows password via Outlook email exploiting vulnerabilities in Windows Performance Analyzer (WPA) and File Explorer

Varonis Threat Labs has uncovered a significant vulnerability in Microsoft Outlook (CVE-2023-35636) that allows attackers to access NTLM v2 hashed passwords. This discovery also includes vulnerabilities in Windows Performance Analyzer (WPA) and Windows File Explorer, posing serious security risks. What is CVE-2023-35636? CVE-2023-35636 is an exploit targeting the calendar sharing function in Microsoft Outlook. By […]

How to send spoof emails from domains that have SPF and DKIM protections?

SMTP stands for Simple Mail Transfer Protocol. It’s a protocol used for sending emails across the Internet. SMTP operates on a push model, where the sending server pushes the email to a receiving server or an intermediary mail server. Here are some basic concepts associated with SMTP: Sending and Receiving Servers: SMTP involves at least […]

Silent Email Attack CVE-2023-35628: How to Hack Without an Email Click in Outlook

CVE-2023-35628 is a critical remote code execution (RCE) vulnerability affecting the Microsoft Windows MSHTML platform, with a Common Vulnerability Scoring System (CVSS) score of 8.1, indicating a high level of risk. This flaw is particularly concerning because it can be exploited without any interaction from the user. The vulnerability can be triggered when Microsoft Outlook […]

Alert: New WailingCrab Malware Loader Spreading via Shipping-Themed Emails

Delivery- and shipping-themed email messages are being used to deliver a sophisticated malware loader known as WailingCrab. “The malware itself is split into multiple components, including a loader, injector, downloader and backdoor, and successful requests to C2-controlled servers are often necessary to retrieve the next stage,” IBM X-Force researchers Charlotte Hammond, Ole Villadsen, and Kat […]

New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks

A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. “ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP […]

Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups

A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens. “Most of this activity occurred after the initial fix became public on GitHub,” Google Threat Analysis Group (TAG) said in a report shared with The Hacker News. The […]

When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules

While intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information to external entities, putting confidential data at risk of exposure to unauthorized parties. Wing Security (Wing), a SaaS security company, announced yesterday that their SaaS shadow IT discovery methods now include a solution that solves […]

Send phishing emails with content font size: 0px to hack into Microsoft Outlook 365 accounts

Threat actors have begun utilizing an innovative approach to zero-point font obfuscation, a pre-existing technique, in an attempt to deceive users of Microsoft Outlook. They do so by creating an illusion that certain phishing emails have been thoroughly scanned and cleared by antivirus programs, thus increasing the chances of these deceptive emails bypassing security protocols. […]

Urgent FBI Warning: Barracuda Email Gateways Vulnerable Despite Recent Patches

The U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups. It also deemed the fixes as “ineffective” and that it “continues to observe active intrusions and considers all […]

Phishers Exploit Salesforce’s Email Services Zero-Day in Targeted Facebook Campaign

A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce’s email services, allowing threat actors to craft targeted phishing messages using the company’s domain and infrastructure. “Those phishing campaigns cleverly evade conventional detection methods by chaining the Salesforce vulnerability and legacy quirks in Facebook’s Web Games platform,” Guardio Labs researchers Oleg […]

Hackers Deploy “SUBMARINE” Backdoor in Barracuda Email Security Gateway Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday disclosed details of a “novel persistent backdoor” called SUBMARINE deployed by threat actors in connection with the hack on Barracuda Email Security Gateway (ESG) appliances. “SUBMARINE comprises multiple artifacts — including a SQL trigger, shell scripts, and a loaded library for a Linux daemon — […]

New AiTM Phishing Attack Technique Makes It Easy to Hack Business Email Accounts

Experts from Microsoft Defender discovered a multi-stage adversary-in-the-middle (AiTM) phishing and business email compromise (BEC) attack that targeted firms that provide banking and financial services. The attack began with the penetration of a reliable third-party vendor and progressed into a string of AiTM attacks as well as subsequent BEC activities that spread across many businesses. […]

Send spoofed phishing emails to Gmail accounts

Gmail is the most widely used email service, with a staggering total user base of 1.5 billion people. This represents 18.75% of the total population of the planet. The security mechanisms of Gmail are well known for their effectiveness in preventing hackers from gaining control of user accounts. Gmail has included a new function that displays an […]

Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances

Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company’s Email Security Gateway (ESG) appliances. The zero-day is being tracked as CVE-2023-2868 and has been described as a remote code injection vulnerability affecting versions 5.1.3.001 through 9.2.0.006. The California-headquartered firm […]