Tag: Email Security
-
Beware Of Callback Phishing Attacks Google Groups That Steal Login Details
Callback phishing is a two-step attack involving phishing emails and phone calls. Victims are lured into calling a bogus number in the …
-
Hackers Abuse HTML Smuggling Technique To Deliver Sophisticated Phishing Page
Phishing attackers employed an HTML smuggling technique to deliver a malicious payload, as the attack chain started with a phishing email …
-
Critical Infrastructure at Risk From Email Security Breaches
An overwhelming majority of the critical infrastructure (CI) sector has suffered an email-related security breach over the past 12 months. …
-
Beware Of New Phishing Attack That Mimics ScreenConnect And Zoom
Zoom is a widely used videotelephony software used for virtual meetings, and its wide audience base attracts the hackers most. Cyble …
-
0-Click Outlook RCE Vulnerability Triggered When Email is Clicked – Technical Analysis
NetSPI discovered that Microsoft Outlook is vulnerable to authenticated remote code execution (CVE-2024-21378) due to improper validation …
-
North Korean Kimusky Group Attacking University Professors
Kimsuky, a North Korean APT group, employs targeted phishing campaigns, leveraging DMARC exploitation to conceal social engineering, …
-
Microsoft 365 Vulnerability Let Hackers Bypass Anti-phishing Feature
A vulnerability in Microsoft 365 (formerly Office 365) has been found that allows malicious actors to bypass anti-phishing measures. One of …
-
New Poco RAT Weaponizing 7zip Files Using Google Drive
The hackers weaponize 7zip files to pass through security measures and deliver malware effectively. These archived files can hide malicious …
-
New ShadowRoot Ransomware Attacking Business Via Weaponized PDF’s
X-Labs identified basic ransomware targeting Turkish businesses, delivered via PDF attachments in suspicious emails from the internet[.]ru …
-
Mekotio Banking Trojan Attacking American Users To Steal Financial Data
Active since 2015, Mekotio is a Latin American banking trojan specifically designed to target financial data in regions like Brazil, Chile, …
-
Kimusk’s HappyDoor Executed Via regsvr32 File To Evade Detection
Kimsuky, also known as the Velvet Chollima, Black Banshee, THALLIUM, or Emerald Sleet, is a North Korean state-sponsored advanced cyber …
-
Hackers Abused Twilio API To Verify Phone Numbers used For MFA
An unauthenticated endpoint vulnerability allowed threat actors to identify phone numbers associated with Authy accounts, which was …
●●●