Tag: email
-
WhatsApp accounts targeted in ‘GhostPairing’ attack
Defending WhatsApp: Users can check which devices are paired via WhatsApp via Settings > Linked Devices. A rogue device link will appear here. Despite having access to a user’s WhatsApp account, the attacker can’t revoke their device access, which must be initiated by the primary device. Another tip is to enable two-step PIN verification. This…
-
WhatsApp accounts targeted in ‘GhostPairing’ attack
Defending WhatsApp: Users can check which devices are paired via WhatsApp via Settings > Linked Devices. A rogue device link will appear here. Despite having access to a user’s WhatsApp account, the attacker can’t revoke their device access, which must be initiated by the primary device. Another tip is to enable two-step PIN verification. This…
-
Chinese attackers exploiting zero-day to target Cisco email security products
Chinese hackers have been exploiting a vulnerability in a popular Cisco email management tool since late November, the company said in an advisory. First seen on therecord.media Jump to article: therecord.media/chinese-attackers-zero-day
-
Impact of Poor PKI Management: Real-World Consequences and Solutions
Tags: emailIntroduction Safety protocols in the virtual domain are perhaps more important than ever in the current world. There can be no denying that PKI management is one of the most crucial aspects of protecting our increasingly digital world. It is the element of most, if not all, secure transfers such as emails and monetary transactions.Read…
-
Clipping Scripted Sparrow’s wings: Tracking a global phishing ring
Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/18/tracking-scripted-sparrow-phishing-campaigns/
-
Clipping Scripted Sparrow’s wings: Tracking a global phishing ring
Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/18/tracking-scripted-sparrow-phishing-campaigns/
-
The Biggest Cyber Stories of the Year: What 2025 Taught Us
Tags: access, attack, authentication, awareness, banking, breach, business, ciso, cloud, compliance, container, control, cyber, cyberattack, cybersecurity, data, data-breach, email, encryption, endpoint, exploit, government, healthcare, iam, identity, incident, incident response, Internet, law, metric, mfa, monitoring, network, privacy, regulation, resilience, risk, service, software, strategy, supply-chain, technology, threat, tool, vulnerability, vulnerability-management, zero-day, zero-trustThe Biggest Cyber Stories of the Year: What 2025 Taught Us madhav Thu, 12/18/2025 – 10:30 2025 didn’t just test cybersecurity; it redefined it. From supply chains and healthcare networks to manufacturing floors and data centers, the digital world was reminded of a simple truth: everything is connected, and everything is at risk. Data Security…
-
Cisco confirms zero-day exploitation of Secure Email products
Rebuild guidance and operational tradeoffs: Cisco has said that wiping and rebuilding appliances is currently required in cases where compromise has been confirmed.”From a security standpoint, it is indeed the right call,” Tyagi said. “When there’s a risk that attackers have embedded themselves deep in a system, patching alone won’t solve the issue. Rebuilding is…
-
Cisco confirms zero-day exploitation of Secure Email products
Rebuild guidance and operational tradeoffs: Cisco has said that wiping and rebuilding appliances is currently required in cases where compromise has been confirmed.”From a security standpoint, it is indeed the right call,” Tyagi said. “When there’s a risk that attackers have embedded themselves deep in a system, patching alone won’t solve the issue. Rebuilding is…
-
Chinese Hackers Breach Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems. The post Chinese Hackers Breach Cisco’s Email Security Systems appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-email-security-breach/
-
Chinese Hackers Breach Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems. The post Chinese Hackers Breach Cisco’s Email Security Systems appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-email-security-breach/
-
Cisco Warns of Active Cyberattack Exploiting Critical AsyncOS Vulnerability
Cisco has identified an ongoing cyberattack campaign exploiting vulnerabilities in a subset of its appliances running Cisco AsyncOS Software. The attack specifically affects Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances, allowing threat actors to execute arbitrary commands with root privileges. This campaign has been tracked under CVE-2025-20393 and has been classified as critical with a CVSS 10.0 rating. First seen on thecyberexpress.com…
-
Cisco AsyncOS 0-Day Allows Remote Execution of System Commands
Cisco Talos has uncovered an active campaign exploiting a zero-day vulnerability in Cisco AsyncOS Software, affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The security flaw enables attackers to execute system-level commands remotely and deploy sophisticated backdoors on compromised systems. The threat actor behind this campaign, tracked as UAT-9686, is assessed…
-
Cisco AsyncOS 0-Day Allows Remote Execution of System Commands
Cisco Talos has uncovered an active campaign exploiting a zero-day vulnerability in Cisco AsyncOS Software, affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The security flaw enables attackers to execute system-level commands remotely and deploy sophisticated backdoors on compromised systems. The threat actor behind this campaign, tracked as UAT-9686, is assessed…
-
Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances
Cisco has alerted users of a maximum-severity zero-day flaw in Cisco AsyncOS software that has been actively exploited by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686 in attacks targeting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager.The networking equipment major said it became aware of the intrusion campaign on December…
-
Millions impacted by PornHub, SoundCloud data breaches
PornHub sent emails out to many users and published a statement warning that it was affected by a recent breach of data analytics service provider Mixpanel. First seen on therecord.media Jump to article: therecord.media/millions-impacted-pornhub-soundcloud-breaches
-
Millions impacted by PornHub, SoundCloud data breaches
PornHub sent emails out to many users and published a statement warning that it was affected by a recent breach of data analytics service provider Mixpanel. First seen on therecord.media Jump to article: therecord.media/millions-impacted-pornhub-soundcloud-breaches
-
Cisco email security appliances rooted and backdoored via still unpatched zero-day
A suspected Chinese-nexus threat group has been compromising Cisco email security devices and planting backdoors and log-purging tools on them since at least late November … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/17/cisco-secure-email-cve-2025-20393/
-
Cisco warns of unpatched AsyncOS zero-day exploited in attacks
Cisco warned customers today of an unpatched, maximum-severity Cisco AsyncOS zero-day actively exploited in attacks targeting Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-unpatched-asyncos-zero-day-exploited-in-attacks/
-
UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager
Cisco Talos is tracking the active targeting of Cisco AsyncOS Software for Cisco Secure Email Gateway, formerly known as Cisco Email Security Appliance (ESA), and Cisco Secure Email and Web Manager, formerly known as Cisco Content Security Management Appliance (SMA). First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/uat-9686/
-
New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails
The threat actor linked to Operation ForumTroll has been attributed to a fresh set of phishing attacks targeting individuals within Russia, according to Kaspersky.The Russian cybersecurity vendor said it detected the new activity in October 2025. The origins of the threat actor are presently unknown.”While the spring cyberattacks focused on organizations, the fall campaign honed…
-
The 12 Months of Innovation: How Salt Security Helped Rewrite API AI Security in 2025
Tags: access, ai, api, attack, automation, breach, business, ciso, cloud, compliance, control, crowdstrike, cyber, data, data-breach, defense, detection, email, exploit, github, governance, injection, insurance, intelligence, privacy, risk, risk-management, software, strategy, supply-chain, threat, tool, wafAs holiday lights go up and inboxes fill with year-in-review emails, it’s tempting to look back on 2025 as “the year of AI.” But for security teams, it was something more specific the year APIs, AI agents, and MCP servers collided across the API fabric, expanding the attack surface faster than most organizations could keep…
-
France investigates Interior Ministry email breach and access to confidential files
France’s Interior Ministry said it is investigating the “reality and scope” of a post on a cybercrime forum by a user claiming to have hacked the institution. First seen on therecord.media Jump to article: therecord.media/france-interior-ministry-email-breach-investigation
-
IP Blacklist Check: How to Recover and Prevent Blacklisted IP Addresses
Tags: emailOriginally published at IP Blacklist Check: How to Recover and Prevent Blacklisted IP Addresses by EasyDMARC. When your emails suddenly stop reaching inboxes, one … First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/ip-blacklist-check-how-to-recover-and-prevent-blacklisted-ip-addresses/
-
IP Blacklist Check: How to Recover and Prevent Blacklisted IP Addresses
Tags: emailOriginally published at IP Blacklist Check: How to Recover and Prevent Blacklisted IP Addresses by EasyDMARC. When your emails suddenly stop reaching inboxes, one … First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/ip-blacklist-check-how-to-recover-and-prevent-blacklisted-ip-addresses/
-
IP Blacklist Check: How to Recover and Prevent Blacklisted IP Addresses
Tags: emailOriginally published at IP Blacklist Check: How to Recover and Prevent Blacklisted IP Addresses by EasyDMARC. When your emails suddenly stop reaching inboxes, one … First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/ip-blacklist-check-how-to-recover-and-prevent-blacklisted-ip-addresses/
-
BlindEagle Targets Colombian Government Agency with Caminho and DCRAT
Tags: access, attack, authentication, cloud, communications, control, cybercrime, defense, detection, dkim, dmarc, dns, email, encryption, flaw, government, group, infrastructure, injection, Internet, malicious, malware, microsoft, open-source, phishing, powershell, rat, service, spear-phishing, startup, tactics, threat, tool, update, usa, windowsIntroductionIn early September 2025, Zscaler ThreatLabz discovered a new spear phishing campaign attributed to BlindEagle, a threat actor who operates in South America and targets users in Spanish-speaking countries, such as Colombia. In this campaign, BlindEagle targeted a government agency under the control of the Ministry of Commerce, Industry and Tourism (MCIT) in Colombia using…