Tag: email
-
Treasury’s OCC Says Hackers Had Access to 150,000 Emails
The Office of the Comptroller of the Currency (OCC) has disclosed an email security incident in which 100 accounts were compromised for over a year. The post Treasury’s OCC Says Hackers Had Access to 150,000 Emails appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/treasurys-occ-says-hackers-had-access-to-150000-emails/
-
Hackers Stole ‘Highly Sensitive’ US Banking Regulator Emails
Microsoft Reportedly Alerted Office of the Comptroller of the Currency to Breach. For nearly two years, hackers reportedly spied on 150,000 highly sensitive emails sent and received by America’s banking regulator, the Office of the Comptroller of the Currency. The OCC said it’s continuing to probe the major information security incident. First seen on govinfosecurity.com…
-
Phishing kits now vet victims in real-time before stealing credentials
Phishing actors are employing a new evasion tactic called ‘Precision-Validated Phishing’ that only shows fake login forms when a user enters an email address that the threat actors specifically targeted. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/phishing-kits-now-vet-victims-in-real-time-before-stealing-credentials/
-
New Double-Edged Email Attack Steals Office 365 Credentials and Delivers Malware
Cybersecurity experts have uncovered a sophisticated phishing campaign that employs a double-edged tactic to compromise Office 365 credentials and deliver malware, posing significant risks to organizations worldwide. The campaign, identified by the Cofense Phishing Defense Center (PDC), uses a file deletion reminder as a pretext to trick victims into engaging with what appears to be…
-
US banking regulator reports on ‘major’ cyber incident involving senior officials’ emails
The U.S. Office of the Comptroller of the Currency told Congress that a breach of its email systems reported in February involved “highly sensitive information” in the accounts of high-ranking officials. First seen on therecord.media Jump to article: therecord.media/office-comptroller-currency-email-hack-report
-
Germany links cyberattack on research group to Russian state-backed hackers
The German Association for Eastern European Studies (DGO) said the attack at the end of March targeted email systems, bypassing security measures put in place after another recent breach with suspected Russian links. First seen on therecord.media Jump to article: therecord.media/germany-links-cyberattack-russian-hackers
-
Gmail EndEnd Email Encryption Explained: A Guide for Enterprise Users
Google is rolling out end-to-end encrypted (E2EE) email for Gmail enterprise users using Client-Side Encryption (CSE). First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/gmail-end-to-end-email-encryption-explained-a-guide-for-enterprise-users/
-
ESystem einer US-Regulierungsbehörde gehackt
OCC Notifies Congress of Incident Involving Email System First seen on occ.gov Jump to article: occ.gov/news-issuances/news-releases/2025/nr-occ-2025-30.html
-
Pick your Poison A Double-Edged Email Attack
Pick your Poison – A Double-Edged Email Attack First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/pick-your-poison-a-double-edged-email-attack/
-
UK authority’s search for answers over deleted Julian Assange emails comes too late to retrieve data
The Crown Prosecution Service has finally searched for information about the destruction of emails from the WikiLeaks founder’s lawyer but too late to retrieve data about the deleted documents First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366622234/UK-authorities-search-for-answers-over-deleted-Julian-Assange-emails-comes-too-late-to-retrieve-data
-
Year in Review: Key vulnerabilities, tools, and shifts in attacker email tactics
From Talos’ 2024 Year in Review, here are some findings from the top targeted network device vulnerabilities. We also explore how threat actors are moving away from time sensitive lures in their emails. And finally we reveal the tools that adversaries most heavily utilized last year. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/year-in-review-key-vulnerabilities-tools-and-shifts-in-attacker-email-tactics/
-
UAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting Ukraine
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed a new set of cyber attacks targeting Ukrainian institutions with information-stealing malware.The activity is aimed at military formations, law enforcement agencies, and local self-government bodies, particularly those located near Ukraine’s eastern border, the agency said.The attacks involve distributing phishing emails First seen on thehackernews.com Jump…
-
Morphing Meerkat: A PhaaS Utilizing DNS Reconnaissance to Generate Targeted Phishing Pages
Originally discovered in 2020 as a Phishing-as-a-Service (PhaaS) platform, Morphing Meerkat has since evolved into a sophisticated cybercriminal tool. Initially capable of mimicking login pages for only five email services, the platform has expanded its capabilities, now encompassing over 100 distinct phishing scams. This advancement highlights its increasing technical sophistication and growing threat to organizations…
-
Dental Practice Support Firm Notifying 173,400 of Email Hack
Breach Affects Pediatric, Orthodontic and Dental Surgery Practices in 6 States. A Nashville, Tennessee firm that provides HR and finance services to dozens of specialty dental practices across six states is notifying more than 173,400 people of a 2024 email hacking incident affecting children and other patients. The company already faces several lawsuits related to…
-
Threat Actors Use VPS Hosting Providers to Deliver Malware and Evade Detection
Cybercriminals are intensifying phishing campaigns to spread the Grandoreiro banking trojan, targeting users primarily in Mexico, Argentina, and Spain. A detailed analysis by Forcepoint X-Labs reveals the sophisticated techniques employed by these attackers to evade detection and deliver malware. Phishing Tactics and Infrastucture The campaign begins with phishing emails purportedly from tax agencies, containing high-importance…
-
Best Email Deliverability Tools
Discover the best email deliverability tools to enhance inbox placement, monitor reputation, and prevent spam issues. Compare top solutions for improved email performance. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/best-email-deliverability-tools/
-
What are Verified Mark Certificates how do they help authenticate emails?
Digital certificates are a vital part of securing online communications, including email. While they primarily safeguard sensitive data, they can also enhance trust and brand recognition. Verified mark certificates (VMCs) are a specialized type of digital certificate used to authenticate emails by displaying a trademarked logo next to the sender’s name. VMCs offer a variety…
-
CRM, Bulk Email Providers Targeted in Crypto Phishing Campaign
‘PoisonSeed’ phishing campaign targets CRM and bulk email providers to distribute “crypto seed phrase” messages. The post CRM, Bulk Email Providers Targeted in Crypto Phishing Campaign appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/crm-bulk-email-providers-targeted-in-crypto-phishing-campaign/
-
PoisonSeed Campaign uses stolen email credentials to spread crypto seed scams and and empty wallets
A campaign named PoisonSeed uses stolen CRM and bulk email credentials to send crypto seed scams, aiming to empty victims’ digital wallets. Silent Push researchers warn of a malicious PoisonSeed campaign that uses stolen CRM and bulk email provider credentials to send crypto seed phrase spam. Victims are tricked into importing compromised seed phrases into…
-
PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks
A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims’ digital wallets.”Recipients of the bulk spam are targeted with a cryptocurrency seed phrase poisoning attack,” Silent Push said in an First…
-
PoisonSeed Campaign: Uncovering a Web of Cryptocurrency and Email Provider Attacks
Silent Push Threat Analysts have uncovered a sophisticated campaign targeting enterprise organizations, VIP individuals, and cryptocurrency holders, dubbed >>PoisonSeed.>crypto seed phrase
-
Security Affairs newsletter Round 518 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A flaw in Verizon’s iOS Call Filter app exposed call records of millions Port of Seattle ‘s August…
-
CYFOX Launches Email Security Solution with Direct Microsoft 365 Integration
First seen on scworld.com Jump to article: www.scworld.com/news/cyfox-launches-email-security-solution-with-direct-microsoft-365-integration
-
DMARC Adoption in U.S. and Canada Higher Education Sector
We’re looking at how DMARC adoption is shaping the email security landscape of colleges and universities in North America. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/dmarc-adoption-in-u-s-and-canada-higher-education-sector/
-
Cyber agencies urge organizations to collaborate to stop fast flux DNS attacks
How to mitigate DNS attacks: Fast flux is one of many types of DNS attack. But there are tactics organizations can use to mitigate them.In the case of fast flux, the report recommends that:defenders should use cybersecurity and PDNS services that detect and block fast flux. “By leveraging providers that detect fast flux and implement…
-
PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack
A sophisticated phishing campaign, dubbed >>PoisonSeed,
-
Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware
A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how threat actors are leveraging fake recruitment emails to distribute malicious payloads. The attackers impersonated Dev.to, a prominent developer community, and lured victims with promises of lucrative job offers. Instead of attaching malware directly to emails, they provided a BitBucket link…