Tag: email
-
Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell.The “Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file,” Trellix researcher Sagar Bade said in a technical write-up.”The payload isn’t hidden inside the file content or a…
-
Over 1,200 arrested in Africa-wide cybercrime crackdown, Interpol says
Authorities across Africa have dismantled large-scale cybercrime and fraud networks, arresting over three months more than 1,200 people suspected of carrying out ransomware attacks, online scams, and business email compromise schemes, Interpol said. First seen on therecord.media Jump to article: therecord.media/africa-interpol-cybercrime-crackdown
-
Microsoft to Restrict Use of OnMicrosoft Domains for Email Sending
Microsoft has announced significant restrictions on the use of default onmicrosoft.com domains for email communication, implementing new throttling measures to combat spam and improve email deliverability across its Microsoft 365 platform. Policy Changes Target Spam Prevention The technology giant will introduce throttling limits that restrict messages sent from onmicrosoft.com domains to just 100 external recipients…
-
Hackers Weaponize QR Codes With Malicious Links to Steal Sensitive Data
Quishing, a powerful form of phishing that uses malicious hyperlinks contained in QR codes to expose user credentials and sensitive data, has surfaced in the ever-changing field of cybersecurity threats. Unlike traditional phishing, which relies on clickable links or deceptive emails, quishing exploits the inherent opacity of QR codes, which are unreadable to the human…
-
Paper Werewolf Exploits WinRAR Zero-Day Vulnerability to Deliver Malware
Cyber spies associated with the threat actor group Paper Werewolf have demonstrated advanced capabilities in bypassing email security filters by delivering malware through seemingly legitimate archive files, a tactic that exploits the commonality of such attachments in business correspondence. Despite their sophistication, these attackers continue to rely on detectable tactics, techniques, and procedures (TTPs), underscoring…
-
7 Phishing Email Examples (And How To Spot Them)
Cybercriminals commonly target K-12 schools. To trick staff, students, and even parents into disclosing sensitive information, malicious attackers deploy phishing attacks. Training individuals on how to spot phishing emails is a key guardrail and can prevent significant financial, operational, and regulatory repercussions. Read on as we unpack seven common phishing email examples and the steps…
-
Malware Delivery Shifts: Malicious URLs Surpass Attachments as Top Threat Vector
Cyber attackers have changed their tactics. According to a recent ITPro report, malicious URLs are now four times more common than infected email attachments when it comes to delivering malware. This shift has serious implications for defenders, especially as phishing techniques evolve to exploit trust and emerging communication channels. The Rise of Link-Based Attacks In…
-
Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger
Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that’s being used to deliver via email spam campaigns an array of next-stage payloads ranging from information stealers to remote access trojans since November 2024.Some of the notable malware families distributed using QuirkyLoader include Agent Tesla, AsyncRAT, Formbook, Masslogger, Remcos RAT, First seen…
-
Phishing in 2025: Smarter Threats, Smarter Defense
ManagedMethods recently hosted a webinar on one of the most pressing issues in K12 cybersecurity: phishing. While schools have been targets for years, 2025 feels different. Attackers are evolving faster than ever, and traditional email security filters are falling behind. The upside? AI-powered defenses are emerging to give districts a fighting chance. Here’s a recap…
-
Hack of North Korean Spy’s Computer Exposes 8.9 GB of Espionage Operations
A North Korean spy’s computer was hacked, leaking phishing logs, stolen South Korean government email platform source code, and links to Chinese hackers. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-north-korea-spy-hack-espionage/
-
DPRK, China Suspected in South Korean Embassy Attacks
Detailed spear-phishing emails sent to European government entities in Seoul are being tied to North Korea, China, or both. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-dprk-south-korean-embassy-attacks
-
Cybercriminals Abuse Vibe Coding Service to Create Malicious Sites
Some LLM-created scripts and emails can lower the barrier of entry for low-skill attackers, who can use services like Lovable to create convincing, effective websites in minutes. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/cybercriminals-abuse-vibe-coding-service-malicious-sites
-
QuirkyLoader: A New Malware Loader Spreading Infostealers and Remote Access Trojans (RATs)
IBM X-Force has tracked QuirkyLoader, a sophisticated loader malware deployed by threat actors to distribute prominent families such as Agent Tesla, AsyncRAT, FormBook, MassLogger, Remcos, Rhadamanthys, and Snake Keylogger. This multi-stage threat initiates through spam emails from legitimate providers or self-hosted servers, attaching malicious archives containing a legitimate executable, an encrypted payload masquerading as a…
-
‘Limited’ data leak at Aussie telco turns out to be 280K customer details
iiNet breach blamed on single stolen login, with emails, phone numbers, and addresses exposed First seen on theregister.com Jump to article: www.theregister.com/2025/08/20/tpg_telecom_iinet_breach/
-
Why email security needs its EDR moment to move beyond prevention
Email security is stuck where antivirus was a decade ago”, focused only on prevention. Learn from Material Security why it’s time for an “EDR for email” mindset: visibility, post-compromise controls, and SaaS-wide protection. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/why-email-security-needs-its-edr-moment-to-move-beyond-prevention/
-
North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms
North Korean threat actors have been attributed to a coordinated cyber espionage campaign targeting diplomatic missions in their southern counterpart between March and July 2025.The activity manifested in the form of at least 19 spear-phishing emails that impersonated trusted diplomatic contacts with the goal of luring embassy staff and foreign ministry personnel with convincing meeting…
-
Surprise departure of Oracle security chief as company shifts focus to AI
Full disclosure: In fairness, Oracle was far from alone in being slow to adopt the idea that software vendors needed to turn patching into a core security function while acknowledging that vulnerability hunters were allies in disguise rather than enemies.Nevertheless, occasional missteps have continued up to the present, most recently in the evasive and confused…
-
Noodlophile Stealer evolution
Noodlophile malware spreads via copyright phishing, targeting firms in the U.S., Europe, Baltics & APAC with tailored spear-phishing lures. The Noodlophile malware campaign is expanding globally, using spear-phishing emails disguised as copyright notices. Threat actors tailor lures with details like Facebook Page IDs and company ownership data. Active for over a year, it now targets…
-
Australian ISP iiNet Reports Data Breach, Customer Accounts Stolen
Australian ISP iiNet confirms data breach as hackers stole 280,000 email accounts, phone numbers and user data using… First seen on hackread.com Jump to article: hackread.com/australia-isp-iinet-data-breach-customer-accounts-stolen/
-
Cofense Unveils Vision 3.0 with Sub-Minute Threat Containment Capabilities and Deeper Insights
Now supporting hybrid environments, Vision 3.0 introduces “Who Clicked” to track and identify user engagement with phishing emails for faster, more targeted response First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/cofense-unveils-vision-3-0-with-sub-minute-threat-containment-capabilities-and-deeper-insights/
-
Weaponized Copyright Documents Used by Threat Actors to Target Key Employees with Noodlophile Stealer
The Noodlophile Stealer malware, initially uncovered in campaigns leveraging fake AI video generation platforms, has evolved into a targeted spear-phishing operation that weaponizes copyright infringement notices to infiltrate enterprises with substantial Facebook presences. This updated variant, active for over a year, shifts from broad social media lures to highly personalized emails impersonating legal entities, incorporating…
-
Singapore issues critical alert on Dire Wolf ransomware targeting global tech and manufacturing firms
Tags: attack, authentication, backup, business, compliance, control, credentials, cyber, data, defense, email, endpoint, extortion, insurance, intelligence, leak, malicious, mfa, msp, network, phishing, ransom, ransomware, resilience, risk, supply-chain, threat, updateRipple effects on global enterprises: The global business fallout of Dire Wolf ransomware attacks is significant and poses a multi-layered, high-impact threat to global enterprises.”Its attacks directly disrupt operations and supply chains, particularly in manufacturing and tech, leading to production delays, revenue loss, and downstream customer impact,” said Manish Rawat, analyst at TechInsights. “Financial impact…
-
North Korean Kimsuky Hackers Use GitHub to Target Foreign Embassies with XenoRAT Malware
Tags: cyber, data-breach, email, espionage, github, group, hacker, malware, north-korea, password, phishing, spear-phishingThe Trellix Advanced Research Center exposed a DPRK-linked espionage operation attributed to the Kimsuky group (APT43), targeting diplomatic missions in South Korea. Between March and July, at least 19 spear-phishing emails impersonated trusted diplomatic contacts, delivering malware via password-protected ZIP archives hosted on Dropbox and Daum. These emails lured embassy staff with credible invitations to…
-
PyPI Blocks Expired Domain Access to Prevent Resurrection Attacks
The Python Package Index (PyPI) has implemented new security measures to protect against domain resurrection attacks, a sophisticated supply-chain threat where attackers purchase expired domains to hijack user accounts through password reset mechanisms. Since early June 2025, the platform has proactively unverified over 1,800 email addresses associated with domains entering expiration phases. Domain resurrection attacks…
-
Malicious npm Packages Target Crypto Developers to Steal Login Credentials
A sophisticated threat campaign dubbed >>Solana-Scan>cryptohan
-
Malicious npm Packages Target Crypto Developers to Steal Login Credentials
A sophisticated threat campaign dubbed >>Solana-Scan>cryptohan