Tag: email
-
Court Finalizes HCA Data Breach Class Action Settlement
Multimillion Dollar Deal Resolves 27 Lawsuits After 2023 Email Storage Hack. A Tennessee federal court has approved a multimillion dollar settlement in consolidated class action litigation against HCA Healthcare in the wake of a 2023 email data theft hack that the publicly traded company reported as affecting nearly 11.3 million individuals. First seen on govinfosecurity.com…
-
‘We got hacked’ emails threaten to leak University of Pennsylvania data
The University of Pennsylvania suffered a cybersecurity incident on Friday, where students and alumni received a series of offensive emails from various University email addresses, claiming that data was stolen in a breach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/offensive-we-got-hacked-emails-sent-in-penn-security-incident/
-
Hackers threaten to leak data after breaching University of Pennsylvania to send mass emails
The hackers sent out mass-emails using official University of Pennsylvania email accounts, and threatened to leak university data. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/31/hackers-threaten-to-leak-data-after-breaching-university-of-pennsylvania-to-send-mass-emails/
-
Sublime Secures $150M to Advance Agentic Email Protection
Series C Funding Fuels Autonomous Agents That Detect and Block Attacks in Real Time. Sublime Security closed a $150 million Series C round to expand its AI-driven agent platform. The Washington D.C.-based company aims to reduce cyber risk and manual workloads for defenders by adapting quickly to novel attacks, especially those using GenAI. First seen…
-
Old threats, new consequences: 90% of cyber claims stem from email and remote access
Tags: access, ai, attack, awareness, cisco, ciso, citrix, cloud, communications, control, credentials, cve, cyber, cybersecurity, data, defense, detection, email, encryption, finance, fraud, hacker, insurance, mail, malicious, microsoft, network, phishing, phone, ransomware, risk, sophos, tactics, threat, tool, update, vpn, vulnerability2025 InsurSec Rankings Report, email and remote access remain the most prominent cyber threat vectors, accounting for 90% of cyber insurance claims in 2024.And, no surprise, larger companies continue to get hit hardest. But, interestingly, the virtual private networks (VPNs) many rely on are anything but secure, despite assumptions to the contrary.”We know from our…
-
Varonis Lays Off 5% of Staff, Stock Plunges as Renewals Drop
2nd Round of Layoffs Since 2022 Comes 2 Months After $150M Email Security Purchase. Varonis cut 5% of its workforce and saw its stock price nosedive after disclosing a sharp drop in renewal rates for its on-premise subscription business. The underperformance of the federal vertical caused a notable headwind for Varonis despite it accounting for…
-
Email breaches are the silent killers of business growth
78% of organizations were hit by an email breach in the past 12 months, according to the Email Security Breach Report 2025 by Barracuda. Phishing, impersonation, and account … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/30/barracuda-report-email-breach-response/
-
Typo hackers sneak cross-platform credential stealer into 10 npm packages
Payload for IP fingerprinting and credential theft: Once the fake CAPTCHA interaction occurs, the installer sends the victim’s IP address to the attacker’s server, a step that allows tracking, geofencing, and exclusion of unwanted targets.It then downloads the payload from the same host, which is a 24 MB Pyinstaller-packed application that contains hundreds of thousands…
-
Survey Surfaces Rise in Email Security Incidents Tied to Ransomware
A survey of 2,000 senior security decision-makers published this week finds more than three quarters (78%) work for organizations that experienced an email security breach in the past 12 months. Conducted by the market research firm Vanson Bourne on behalf of Barracuda Networks, the survey also finds that on average the cost of recovering from..…
-
Survey Surfaces Rise in Email Security Incidents Tied to Ransomware
A survey of 2,000 senior security decision-makers published this week finds more than three quarters (78%) work for organizations that experienced an email security breach in the past 12 months. Conducted by the market research firm Vanson Bourne on behalf of Barracuda Networks, the survey also finds that on average the cost of recovering from..…
-
StrongestLayer Adds AI Reasoning Engine to Validate Emails
StrongestLayer has launched AI Advisor, an advanced email protection tool powered by large language models (LLMs) that evaluates message provenance in real time to detect phishing attacks. By triangulating sender legitimacy and assigning dynamic risk scores, AI Advisor cuts false positives to under 1% and saves security teams hundreds of analyst hours each quarter. First…
-
Marketing giant Dentsu warns staff after Merkle data raid
Emails confirm payroll and bank details lifted in cyberattack on US subsidiary First seen on theregister.com Jump to article: www.theregister.com/2025/10/29/dentsu_merkle_breach/
-
Marketing giant Dentsu warns staff after Merkle data raid
Emails confirm payroll and bank details lifted in cyberattack on US subsidiary First seen on theregister.com Jump to article: www.theregister.com/2025/10/29/dentsu_merkle_breach/
-
When 183 Million Passwords Leak: How One Breach Fuels a Global Threat Chain
When 183 million email addresses and passwords are made public online, it is more than a leak. It is an open invitation for attackers to exploit weak links across the digital ecosystem. The recent discovery of a massive database containing stolen credentials, many tied to Gmail and other major services, highlights how easily an endpoint…
-
Rethinking Identity Security in the Age of AI
Tags: access, ai, api, attack, authentication, automation, awareness, best-practice, breach, business, captcha, ceo, container, control, credentials, cyber, cybercrime, cybersecurity, data, deep-fake, defense, detection, email, endpoint, exploit, finance, fraud, Hardware, iam, identity, login, malware, mfa, monitoring, passkey, password, phishing, risk, risk-management, scam, threat, tool, vulnerabilityRethinking Identity Security in the Age of AI madhav Tue, 10/28/2025 – 06:35 Traditional identity protections were never designed for the age of AI. They can’t stop the lightning-fast, highly convincing identity attacks AI facilitates. There’s a reason that nearly 60% of businesses say compromised credentials are the leading cause of breaches. Data Security Marco…
-
Rethinking Identity Security in the Age of AI
Tags: access, ai, api, attack, authentication, automation, awareness, best-practice, breach, business, captcha, ceo, container, control, credentials, cyber, cybercrime, cybersecurity, data, deep-fake, defense, detection, email, endpoint, exploit, finance, fraud, Hardware, iam, identity, login, malware, mfa, monitoring, passkey, password, phishing, risk, risk-management, scam, threat, tool, vulnerabilityRethinking Identity Security in the Age of AI madhav Tue, 10/28/2025 – 06:35 Traditional identity protections were never designed for the age of AI. They can’t stop the lightning-fast, highly convincing identity attacks AI facilitates. There’s a reason that nearly 60% of businesses say compromised credentials are the leading cause of breaches. Data Security Marco…
-
Copilot diagrams could leak corporate emails via indirect prompt injection
The bigger threat of indirect prompt injection: The incident underscores that the risk goes beyond simple “prompt injection,” where a user types malicious instructions directly into an AI. Here, the attacker hides instructions inside document content that gets passed into the assistant without the user’s awareness. Logue described how the hidden instructions use progressive task…
-
Copilot diagrams could leak corporate emails via indirect prompt injection
The bigger threat of indirect prompt injection: The incident underscores that the risk goes beyond simple “prompt injection,” where a user types malicious instructions directly into an AI. Here, the attacker hides instructions inside document content that gets passed into the assistant without the user’s awareness. Logue described how the hidden instructions use progressive task…
-
New Phishing Attack Using Invisible Characters Hidden in Subject Line Using MIME Encoding
Security researchers have discovered a sophisticated phishing technique that weaponizes invisible Unicode characters embedded within email subject lines using MIME encoding”, a tactic that remains largely unknown among email security professionals. The discovery reveals how attackers are evolving their evasion methods to bypass automated filtering systems while maintaining complete readability to end users. During routine…
-
New Phishing Attack Using Invisible Characters Hidden in Subject Line Using MIME Encoding
Security researchers have discovered a sophisticated phishing technique that weaponizes invisible Unicode characters embedded within email subject lines using MIME encoding”, a tactic that remains largely unknown among email security professionals. The discovery reveals how attackers are evolving their evasion methods to bypass automated filtering systems while maintaining complete readability to end users. During routine…
-
IPFire 2.29 Released with Enhanced Intrusion Prevention System Reporting
The IPFire project has announced the release of version 2.29, Core Update 198, marking a significant milestone in the open-source firewall’s evolution. This update introduces transformative improvements to the Intrusion Prevention System, coupled with comprehensive reporting capabilities that fundamentally change how network administrators monitor and respond to security threats. New Features and Enhancements Real-Time Email…
-
IPFire 2.29 Released with Enhanced Intrusion Prevention System Reporting
The IPFire project has announced the release of version 2.29, Core Update 198, marking a significant milestone in the open-source firewall’s evolution. This update introduces transformative improvements to the Intrusion Prevention System, coupled with comprehensive reporting capabilities that fundamentally change how network administrators monitor and respond to security threats. New Features and Enhancements Real-Time Email…
-
The 10 biggest issues CISOs and cyber teams face today
Tags: ai, attack, awareness, breach, business, ceo, ciso, computing, crime, cyber, cyberattack, cybersecurity, data, deep-fake, defense, email, encryption, exploit, finance, fraud, governance, group, hacker, international, mitigation, organized, phishing, ransom, risk, scam, service, strategy, supply-chain, technology, threat, tool, training, usa, vulnerability2. Escalating, and accelerating, AI-enabled attacks: A 2025 survey from Boston Consulting Group found that 80% of CISOs worldwide cited AI-powered cyberattacks as their top concern, a 19-point increase from the previous year. A 2025 survey from Darktrace, a security technology firm, found that 78% of CISOs reported a significant impact from AI-driven threats, up…
-
Hidden in Plain Sight: How we followed one malicious extension to uncover a multi-extension”¦
Hidden in Plain Sight: How we followed one malicious extension to uncover a multi-extension campaign Short read for everyone: we found a malicious Chrome extension that stole login data from a crypto trading site. Tracing the domain it talked to uncovered a second malicious extension. That second extension’s public metadata contained the developer email, which…
-
Security Affairs newsletter Round 547 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed CVE-2025-59287: Microsoft fixes critical WSUS…
-
Cybersecurity Snapshot: Top Advice for Detecting and Preventing AI Attacks, and for Securing AI Systems
Tags: access, ai, attack, authentication, awareness, best-practice, breach, business, chatgpt, china, ciso, cloud, computing, container, control, credentials, crime, cve, cyber, cyberattack, cybersecurity, data, defense, detection, email, exploit, extortion, finance, flaw, framework, fraud, google, governance, government, group, guide, hacker, hacking, healthcare, iam, identity, incident response, intelligence, LLM, malicious, malware, mitigation, monitoring, network, open-source, openai, organized, phishing, ransom, risk, risk-management, russia, sans, scam, service, skills, soc, strategy, supply-chain, technology, theft, threat, tool, training, vulnerability, zero-trustAs organizations eagerly adopt AI, cybersecurity teams are racing to protect these new systems. In this special edition of the Cybersecurity Snapshot, we round up some of the best recent guidance on how to fend off AI attacks, and on how to safeguard your AI systems. Key takeaways Developers are getting new playbooks from groups…
-
Microsoft threatens to ram Copilot into Exchange Server on-prem
Survey probes interest in AI assistance for locally hosted email setups First seen on theregister.com Jump to article: www.theregister.com/2025/10/23/copilot_exchange_server/