Collaborate Disseminate
Microsoft says a Chinese cyberespionage group tracked as Storm-0558 has used forged authentication tokens to access government emails.
The post Chinese Cyberspies Used Forged Authentication Tokens to Hack Government Emails appeared first on SecurityWeek.
Continue reading Chinese Cyberspies Used Forged Authentication Tokens to Hack Government Emails
Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 3, 2023.
The post In Other News: Healthcare Product Flaws, Free Email Security Testing, New Attack Techniques a… Continue reading In Other News: Healthcare Product Flaws, Free Email Security Testing, New Attack Techniques
Only 3.54% of of insurance companies have correctly implemented basic phishing and spoofing protection, according to EasyDMARC. DMARC standard adoption Insurers operate using highly sensitive, private information that they’ve been trusted by clients an… Continue reading Insurance companies neglect basic email security
A Russian hacking group has been caught hacking into Roundcube servers to spy on government institutions and military entities in Ukraine.
The post Russian APT Group Caught Hacking Roundcube Email Servers appeared first on SecurityWeek.
Continue reading Russian APT Group Caught Hacking Roundcube Email Servers
The campaign is the latest case of business email compromise, which costs victims billions of dollars annually.
The post Researchers unpack massive email scam targeting dozens of companies appeared first on CyberScoop.
Continue reading Researchers unpack massive email scam targeting dozens of companies
Gmail is tightening its implementation of an email security protocol after a researcher discovered a flaw allowing brands to be impersonated.
The post Security professional’s tweet forces big change to Google email authentication appeared first on CyberScoop.
Continue reading Security professional’s tweet forces big change to Google email authentication
According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security. “The evolution of phishing emails continues to pose a major threat to organizations, emphasizing the nee… Continue reading Cybercriminals use legitimate websites to obfuscate malicious payloads
Nearly every victim of a spear-phishing attack in the last 12 months saw impacts on their organization, including malware infections, stolen data, and reputational damage, according to Barracuda Networks. Barracuda Networks research finds 24% of organi… Continue reading Organizations spend 100 hours battling post-delivery email threats
Cybercriminals are increasingly posing as multi-factor authentication vendors and small businesses are becoming more popular targets, according to VIPRE. Attachment-based malspam is on the rise Financial institutions (48%) are still the most targeted s… Continue reading Cybercriminals masquerading as MFA vendors
A vulnerability (CVE-2023-2868) in Barracuda Networks’ Email Security Gateway (ESG) appliances has been exploited by attackers, the company has warned. About CVE-2023-2868 CVE-2023-2868 is a critical remote command injection vulnerability affecti… Continue reading Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)