Tag: email
-
Proofpoint buying Hornetsecurity in a play to expand email security scope
One of many big purchases in the industry: While the terms are confidential, sources have reported the price of the Hornetsecurity purchase, which is expected to close in the second half of 2025, to be well over $1 billion. This would make it Proofpoint’s largest acquisition, and also one of the biggest cybersecurity deals in…
-
After helping Russia on the ground North Korea targets Ukraine with cyberespionage
Tags: credentials, cyber, cyberespionage, email, government, hacker, identity, intelligence, korea, microsoft, north-korea, phishing, resilience, risk, russia, ukraineCredential harvesting: Before the phishing emails, the same Ukrainian government entities were targeted with email alerts impersonating Microsoft and claiming unusual sign-in activity was detected on their accounts. The victims were asked to perform identity verification by clicking on a button, which took them to credential harvesting pages.The Proofpoint researchers didn’t manage to obtain any…
-
Government webmail hacked via XSS bugs in global spy campaign
Hackers are running a worldwide cyberespionage campaign dubbed ‘RoundPress,’ leveraging zero-day and n-day flaws in webmail servers to steal email from high-value government organizations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/government-webmail-hacked-via-xss-bugs-in-global-spy-campaign/
-
CISA Alerts on Active Exploitation of Zero-Day Vulnerability in Multiple Fortinet Products
Tags: cisa, communications, cve, cyber, cybersecurity, detection, email, exploit, fortinet, infrastructure, network, vulnerability, zero-dayThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding five zero-day vulnerabilities affecting multiple Fortinet products, after evidence emerged of active exploitation in the wild. The vulnerabilities, tracked as CVE-2025-32756, impact Fortinet’s FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera platforms, widely used in enterprise environments for unified communications, email, network detection,…
-
Largest US crypto exchange says cost of recent cyber-attack could reach $400m
Hackers paid overseas Coinbase employees for account data; company is offering $20m reward for informationThe biggest cryptocurrency exchange in the US forecast that a cyber-attack that breached account data of a “small subset” of its customers would cost it between $180m and $400m. Coinbase said that price tag would not include the $20m ransom demanded…
-
Microsoft Outlook Down Millions of Business Personal Users Worldwide Impacted
A major outage hit Microsoft Outlook and other Microsoft 365 services on Thursday, May 15, 2025, leaving millions of users around the globe unable to access their email, calendars, and other essential productivity tools. The disruption began in the evening IST, with users quickly taking to social media and outage-tracking platforms to report widespread connectivity…
-
Largest US crypto exchange hit by cyber-attack with costs expected of up to $400m
Hackers paid overseas Coinbase employees for account data; company is offering $20m reward for informationThe biggest cryptocurrency exchange in the US forecast that a cyber-attack that breached account data of a “small subset” of its customers would cost it between $180m and $400m. Coinbase said that price tag would not include the $20m ransom demanded…
-
Russian Hackers Exploit XSS Vulnerabilities to Inject Malicious Code into Email Servers
Tags: blizzard, cyber, cyberespionage, cybersecurity, email, exploit, group, hacker, malicious, russia, vulnerability, xssA sophisticated cyberespionage campaign, dubbed Operation RoundPress, has been uncovered by cybersecurity researchers at ESET. Attributed with medium confidence to the Russian-linked Sednit group-also known as APT28, Fancy Bear, and Forest Blizzard-this operation targets high-value webmail servers using cross-site scripting (XSS) vulnerabilities. Active since at least 2004, Sednit has a notorious history, including alleged involvement…
-
Stealth RAT uses a PowerShell loader for fileless attacks
Threat actors have been spotted using a PowerShell-based shellcode loader to stealthily deploy Remcos RAT, a popular espionage-ready tool in line with a broader shift toward fileless techniques.As discovered by Qualys, the campaign executes a number of steps to phish an obfuscated .HTA (HTML Application) file that runs layered PowerShell scripts entirely in memory.”The attackers…
-
Spies hack high-value mail servers using an exploit from yesteryear
Attacks spilled contacts and emails from targeted accounts. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/05/spies-hack-high-value-mail-servers-using-an-exploit-from-yesteryear/
-
Why Cloud Phone Systems are The Future of Business Communication
Over the years, many different technologies have transitioned to Cloud-based solutions, including ERP systems and email management platforms…. First seen on hackread.com Jump to article: hackread.com/why-cloud-phone-systems-business-communication-future/
-
Mail relays Part 1 – Authenticate your outgoing mail!
Email authentication used to be something only big players worried about. Not anymore. While small senders may not feel the heat yet, it’s only a matter of time before it reaches them. In this blog, we explore how authentication can be implemented at the relay level to improve deliverability, prevent abuse, and get ahead. Let’s…
-
Focused Phishing: Attack Targets Victims With Trusted Sites and Live Validation
New phishing tactics are abusing trusted domains, real CAPTCHAs, and server-side email validation to selectively target victims with customized fake login pages. Keep Aware’s latest research breaks down the full attack chain and how these zero-day phish operate. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/focused-phishing-attack-targets-victims-with-trusted-sites-and-live-validation/
-
Threat Actors Leverage Weaponized HTML Files to Deliver Horabot Malware
A recent discovery by FortiGuard Labs has unveiled a cunning phishing campaign orchestrated by threat actors deploying Horabot malware, predominantly targeting Spanish-speaking users in Latin America. This high-severity threat, detailed in the 2025 Global Threat Landscape Report, exploits malicious HTML files embedded in phishing emails to steal sensitive information, including email credentials and banking data,…
-
Critical Microsoft Outlook Flaw Enables Remote Execution of Arbitrary Code
Newly disclosed vulnerability in Microsoft Outlook (CVE-2025-32705) permits attackers to execute arbitrary code on compromised systems through a memory corruption flaw. Rated 7.8 (CVSS v3.1) and classified as Important by Microsoft, this out-of-bounds read vulnerability (CWE-125) exposes email clients to localized attacks requiring minimal user interaction. With over 400 million enterprise users relying on Outlook…
-
Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails
Cybersecurity researchers have discovered a new phishing campaign that’s being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina.The campaign is “using crafted emails that impersonate invoices or financial documents to trick victims into opening malicious attachments and can steal email First seen…
-
North Korean IT Workers Are Being Exposed on a Massive Scale
Security researchers are publishing 1,000 email addresses they claim are linked to North Korean IT worker scams that infiltrated Western companies”, along with photos of men allegedly involved in the schemes. First seen on wired.com Jump to article: www.wired.com/story/north-korean-it-worker-scams-exposed/
-
CISA shifts advisory dissemination to social media, email
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-shifts-advisory-dissemination-to-social-media-email
-
GovDelivery, an email alert system used by governments, abused to send scam messages
The state of Indiana attributed the scam emails to a compromised contractor’s account. First seen on techcrunch.com Jump to article: techcrunch.com/2025/05/13/government-email-alert-system-govdelivery-used-to-send-scam-messages/
-
Government email alert system GovDelivery used to send scam messages
The state of Indiana attributed the scam emails to a compromised contractor’s account. First seen on techcrunch.com Jump to article: techcrunch.com/2025/05/13/government-email-alert-system-govdelivery-used-to-send-scam-messages/
-
CISA Shifts Alert Distribution Strategy to Email, Social Media
CISA won’t post standard cybersecurity updates on its website, shifting to email and social media First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-alert-strategy-email-social/
-
CISA’s alert pivot reflects a new era of decentralized cyber threat communication
Tags: access, cisa, ciso, communications, cyber, cybersecurity, email, exploit, incident response, intelligence, kev, monitoring, risk, strategy, threat, tool, update, vulnerabilityFrom centralized alerts to multi-channel intelligence: CISA’s shift means enterprises must now adopt a more proactive approach to gathering threat intelligence. While the agency isn’t reducing the volume of information shared, the distribution model now demands a more decentralized, digitally savvy strategy from recipients.This change empowers organizations to refine how they consume alerts, Varkey said.…
-
Phishing Campaign Uses Blob URLs to Bypass Email Security and Avoid Detection
Cybersecurity researchers at Cofense Intelligence have identified a sophisticated phishing tactic leveraging Blob URIs (Uniform Resource Identifiers) to deliver credential phishing pages directly to users’ inboxes while evading traditional email security measures. Blob URIs, typically used by browsers to handle temporary data like images, audio, or video files, are now being weaponized by threat actors…
-
Security Affairs newsletter Round 523 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ascension reveals personal data of 437,329 patients exposed in cyberattack Operation Moonlander dismantled the botnet behind Anyproxy and…
-
New KnowBe4 CEO Bryan Palma Combats Human Risk Via AI Agents
Strategic Plan Includes Human Risk Management Platform Expansion, IPO Preparation. Bryan Palma outlines his vision to grow KnowBe4 beyond security awareness training by investing in agentic AI, expanding email and behavioral tools and positioning the company for IPO readiness. He highlights Vista Equity’s support and platform depth as key assets. First seen on govinfosecurity.com Jump…
-
Recipient Address Rejected: Access Denied Causes Fixes (SMTP 550 5.7.1)
Struggling with “recipient address rejected: access denied”? Understand SMTP 550 5.7.1 errors and how to fix this email bounce issue step by step. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/recipient-address-rejected-access-denied-causes-fixes-smtp-550-5-7-1/