Tag: email
-
Iran-Linked MuddyWater Deploys Phoenix v4 Backdoor via Compromised Emails and NordVPN Exit Node
The post Iran-Linked MuddyWater Deploys Phoenix v4 Backdoor via Compromised Emails and NordVPN Exit Node appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/iran-linked-muddywater-deploys-phoenix-v4-backdoor-via-compromised-emails-and-nordvpn-exit-node/
-
Click, Call, Compromise: Hackers Continue to Evolve Tactics
Microsoft Says Hackers Pivoting to Identity Compromise. Hackers are as likely to log in as break in, warns Microsoft in an annual assessment of cyberthreats. During the first half of 2025, identity-based attacks rose by 32% due to credentials stolen by infostealers or password and email combinations plucked from bulk data breaches. First seen on…
-
PhantomCaptcha targets Ukraine relief groups with WebSocket RAT in October 2025
PhantomCaptcha phishing campaign hit Ukraine relief groups with a WebSocket RAT on Oct 8, 2025, targeting Red Cross, UNICEF, and others. SentinelOne researchers uncovered PhantomCaptcha, a coordinated spear-phishing campaign on October 8, 2025, targeting Ukraine war relief groups, including Red Cross, UNICEF, NRC, and local administrations. Threat actors used fake emails to deploy a WebSocket-based…
-
Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign
The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations across the Middle East and North Africa (MENA) region, including over 100 government entities.The end goal of the campaign is to infiltrate high-value targets and…
-
What’s a Good Email Deliverability Rate in 2025?
Learn what a good email deliverability rate is, why it matters, and how to improve it. Explore benchmarks, tools, and strategies to boost your inbox placement. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/whats-a-good-email-deliverability-rate-in-2025/
-
How to detect disposable email domains without relying on 3rd party APIs and lists
To scale a fraud or bot attack, adversaries need more than just realistic automation. They need infrastructure. A convincing browser fingerprint and human-like interaction (mouse movements, keystrokes, etc.) are table stakes. But even with a clean setup, most attackers also need: Proxies to spread activity across thousands of IPs (ideally First seen on securityboulevard.com Jump…
-
MuddyWater Uses Compromised Mailboxes in Global Phishing Campaign
Group-IB has uncovered a phishing campaign by Iran-linked MuddyWater, exploiting compromised emails for foreign intelligence First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/muddywater-compromised-mailboxes/
-
Threat Actors Advancing Email Phishing Attacks to Bypass Security Filters
Cybercriminals continue to evolve their email phishing arsenals, reviving legacy tactics while layering on advanced evasions to slip past automated filters and human scrutiny. In 2025, attackers are noted tried-and-true approaches”, like password-protected attachments and calendar invites”, with new twists such as QR codes, multi-stage verification chains, and live API integrations. These refinements not only…
-
MuddyWater Targets 100+ Gov Entities in MEA with Phoenix Backdoor
The Iranian threat group is using a compromised mailbox accessed through NordVPN to send phishing emails that prompt recipients to enable macros. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/muddywater-100-gov-entites-mea-phoenix-backdoor
-
‘I am not a robot’: Russian hackers use fake CAPTCHA lures to deploy espionage tools
Tags: access, attack, authentication, awareness, captcha, ceo, communications, control, credentials, cyber, cybersecurity, data, defense, detection, edr, email, endpoint, espionage, exploit, group, hacker, incident response, least-privilege, login, malicious, malware, mfa, monitoring, network, phishing, powershell, russia, strategy, tactics, theft, threat, tool, training, update, vulnerability, vulnerability-management, zero-trustEvolving tactics and strategies: Analysts said ColdRiver, which for years focused on credential theft and email account compromise, is shifting toward multi-stage intrusions that rely on users to execute malicious code.By using ClickFix pages that mimic CAPTCHA verification screens, the group can bypass email security filters and deliver malware directly to victims’ devices, increasing the…
-
Hackers Exploit Microsoft 365 Direct Send to Evade Filters and Steal Data
Cybercriminals are increasingly exploiting a legitimate Microsoft 365 feature designed for enterprise convenience, turning Exchange Online’s Direct Send into a dangerous vector for phishing campaigns and business email compromise attacks. Security researchers across the industry are sounding the alarm as malicious actors leverage this trusted pathway to bypass authentication checks and deliver convincing internal-looking messages…
-
News Alert: Sendmarc taps veteran email security leader Dan Levinson to expand U.S. footprint
WILMINGTON, Del., Oct. 21, 2025, CyberNewswire, Sendmarc has announced the appointment of Dan Levinson as Customer Success Director North America, furthering the company’s regional expansion and commitment to providing expert, locally aligned support to organizations across the continent.”¦ (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/news-alert-sendmarc-taps-veteran-email-security-leader-dan-levinson-to-expand-u-s-footprint/
-
Sendmarc appoints Dan Levinson as Customer Success Director in North America
Wilmington, Delaware, October 21st, 2025, CyberNewsWire Sendmarc has announced the appointment of Dan Levinson as Customer Success Director North America, furthering the company’s regional expansion and commitment to providing expert, locally aligned support to organizations across the continent. Levinson will lead the development of customer success programs that help businesses strengthen their email security […]…
-
AI-enabled ransomware attacks: CISO’s top security concern, with good reason
Ransomware’s AI-powered future: Although CrowdStrike’s latest survey doesn’t provide a full picture of AI’s use by ransomware gangs, the fact that generative AI is proving highly effective in crafting phishing emails that lead to ransomware infections shows the tip of the iceberg CISOs face.CrowdStrike Field CTO Cristian Rodriguez tells CSO, “We’re seeing AI touch every…
-
Microsoft fixes bug preventing users from opening classic Outlook
Microsoft has fixed a major bug preventing Microsoft 365 users from launching the classic Outlook email client on Windows systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-preventing-users-from-opening-classic-outlook/
-
John Bolton charged over classified emails after Iranian hack of his AOL account
Former US national security adviser John Bolton is the latest in a line of Donald Trump’s critics to find themselves on the sharp end of charges from the US Department of Justice. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/john-bolton-charged-over-classified-emails-after-iranian-hack-of-his-aol-account
-
Cybervorfälle: Nickelhütte Aue, F5-Hack, Folgen falscher CA-Settings bei BEC und mehr
Die Nickelhütte Aue ist Opfer eines aktuellen Cyberangriffs mit Ransomware geworden. Firewall-Hersteller F5 wurde 2023 gehackt, was erst im August 2024 auffiel. Ursache waren Fehler der Mitarbeiter. Beim sogenannten Business Email Compromise (BEC) sind es oft Fehlkonfigurierung des Conditional Access, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/21/cybervorfaelle-nickelhuette-aue-f5-hack-folgen-falscher-ca-settings-bei-bec-und-mehr/
-
Cybervorfälle: Nickelhütte Aue, F5-Hack, Folgen falscher CA-Settings bei BEC und mehr
Die Nickelhütte Aue ist Opfer eines aktuellen Cyberangriffs mit Ransomware geworden. Firewall-Hersteller F5 wurde 2023 gehackt, was erst im August 2024 auffiel. Ursache waren Fehler der Mitarbeiter. Beim sogenannten Business Email Compromise (BEC) sind es oft Fehlkonfigurierung des Conditional Access, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/21/cybervorfaelle-nickelhuette-aue-f5-hack-folgen-falscher-ca-settings-bei-bec-und-mehr/
-
Anti-fraud body leaks dozens of email addresses in invite mishap
Calendar cock-up exposed recipients’ details First seen on theregister.com Jump to article: www.theregister.com/2025/10/21/cifas_email_blunder/
-
Anti-fraud body leaks dozens of email addresses in invite mishap
Calendar cock-up exposed recipients’ details First seen on theregister.com Jump to article: www.theregister.com/2025/10/21/cifas_email_blunder/
-
New Phishing Emails Pretend to Offer Jobs to Steal Facebook Logins
Sublime Security warns of a massive credential phishing scam using fake job offers from brands like KFC and Red Bull to steal Facebook login details. Don’t fall for the trap. First seen on hackread.com Jump to article: hackread.com/phishing-emails-offer-jobs-steal-facebook-logins/
-
New Phishing Emails Pretend to Offer Jobs to Steal Facebook Logins
Sublime Security warns of a massive credential phishing scam using fake job offers from brands like KFC and Red Bull to steal Facebook login details. Don’t fall for the trap. First seen on hackread.com Jump to article: hackread.com/phishing-emails-offer-jobs-steal-facebook-logins/
-
Pakistani Cyber Actors Impersonating ‘NIC eEmail Services’ to Target Indian Government
Tags: attack, credentials, cyber, email, government, group, india, infrastructure, phishing, service, spear-phishing, threatPakistan-based advanced persistent threat group APT36, also known as TransparentTribe, is actively targeting Indian government entities with a sophisticated spear-phishing campaign using email lures themed as “NIC eEmail Services.” This campaign leverages lookalike domains and weaponized infrastructure to steal credentials and enable long-term espionage. The attack begins with email messages that convincingly mimic official notifications…
-
Pakistani Cyber Actors Impersonating ‘NIC eEmail Services’ to Target Indian Government
Tags: attack, credentials, cyber, email, government, group, india, infrastructure, phishing, service, spear-phishing, threatPakistan-based advanced persistent threat group APT36, also known as TransparentTribe, is actively targeting Indian government entities with a sophisticated spear-phishing campaign using email lures themed as “NIC eEmail Services.” This campaign leverages lookalike domains and weaponized infrastructure to steal credentials and enable long-term espionage. The attack begins with email messages that convincingly mimic official notifications…
-
Pakistani Cyber Actors Impersonating ‘NIC eEmail Services’ to Target Indian Government
Tags: attack, credentials, cyber, email, government, group, india, infrastructure, phishing, service, spear-phishing, threatPakistan-based advanced persistent threat group APT36, also known as TransparentTribe, is actively targeting Indian government entities with a sophisticated spear-phishing campaign using email lures themed as “NIC eEmail Services.” This campaign leverages lookalike domains and weaponized infrastructure to steal credentials and enable long-term espionage. The attack begins with email messages that convincingly mimic official notifications…