Tag: spam

‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages

Apr 10, 2025 11:06 AM

Tags: ai, captcha, framework, spam

CAPTCHA-evading Python framework AkiraBot has spammed over 80,000 websites with AI-generated spam messages. The post ‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/akirabot-spammed-80000-websites-with-ai-generated-messages/
AkiraBot Targets 420,000 Sites with OpenAI-Generated Spam, Bypassing CAPTCHA Protections

Apr 10, 2025 10:05 AM

Tags: ai, captcha, cybersecurity, intelligence, openai, service, spam

Cybersecurity researchers have disclosed details of an artificial intelligence (AI) powered platform called AkiraBot that’s used to spam website chats, comment sections, and contact forms to promote dubious search engine optimization (SEO) services such as Akira and ServicewrapGO.”AkiraBot has targeted more than 400,000 websites and successfully spammed at least 80,000 websites since September First seen…
Precision-validated phishing: The rise of sophisticated credential theft

Apr 10, 2025 5:05 AM

Tags: api, authentication, awareness, ciso, credentials, data-breach, defense, email, infosec, mail, password, phishing, sans, service, spam, spear-phishing, theft, threat, training

‘A little bit of hype’: David Shipley, head of Canadian-based security awareness training firm Beauceron Security, said “there’s a little bit of hype” in giving the tactic a fancy name for what is in fact spear phishing, although, he admitted, it’s “rapid-fire spear phishing.”The reason, he said, is that “spray-and-pray” mass phishing campaigns today are…
New AkiraBot Abuses OpenAI API to Spam Website Contact Forms

Apr 9, 2025 6:52 PM

Tags: ai, api, cybersecurity, openai, spam

Cybersecurity researchers have identified a new spam campaign driven by ‘AkiraBot,’ an AI-powered bot that targets small business… First seen on hackread.com Jump to article: hackread.com/akirabot-abuses-openai-api-spam-website-contact-forms/
Waski verbreitet Banking-Trojaner: auch deutsche Nutzer betroffen

Apr 9, 2025 5:55 PM

Tags: banking, mail, spam

Wenn du in den letzten Tagen und Wochen eine Spam-E-Mail mit einer ZIP-Datei im Anhang bekommen hast, könnte es durchaus sein, dass es sich um eine Schadsoftware handelt, die es auf die Zugangsdaten deines Onlinebanking-Accounts abgesehen hat. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/03/26/waski-verbreitet-banking-trojaner-auch-deutsche-nutzer-betroffen/
Mumblehard: Linux-Malware verbreitet Spam über deinen Server

Apr 9, 2025 5:55 PM

Tags: linux, malware, spam

Heute decken ESET-Experten eine Linux-Malware-Familie auf, die bereits seit einiger Zeit ihr Unwesen treibt Linux/Mumblehard. Ein White Paper über die Bedrohung ist auf WeLiveSecurity als Download verfügbar. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/04/29/mumblehard-linux-malware-verbreitet-spam-ueber-deinen-server/
Best Email Deliverability Tools

Apr 7, 2025 6:42 PM

Tags: email, spam, tool

Discover the best email deliverability tools to enhance inbox placement, monitor reputation, and prevent spam issues. Compare top solutions for improved email performance. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/best-email-deliverability-tools/
PoisonSeed targets Mailchimp, Mailgun, and Zoho to phish high-value accounts

Apr 7, 2025 2:42 PM

Tags: attack, crypto, phishing, spam, supply-chain, threat

Activities align with CryptoChameleon: While many threat researchers have linked PoisonSeed actors to Scattered Spider, Silent Push believes the alignment is more accurate with the CryptoChameleon advanced phishing kit from 2024.The mailchimp-sso[.]com domain, which is the basis of the association made with Scattered Spider, was registered on Porkbun from the previous attack up until March…
PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks

Apr 7, 2025 11:42 AM

Tags: attack, credentials, crypto, email, exploit, malicious, spam, tool

A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims’ digital wallets.”Recipients of the bulk spam are targeted with a cryptocurrency seed phrase poisoning attack,” Silent Push said in an First…
How to Check Email Deliverability?

Apr 2, 2025 10:47 PM

Tags: email, spam

Struggling with emails landing in spam? Learn how to check email deliverability effectively, troubleshoot common issues, and improve inbox placement. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/how-to-check-email-deliverability/
Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images

Mar 31, 2025 4:13 PM

Tags: access, exploit, hacker, malicious, spam, threat, wordpress

Threat actors are using the “mu-plugins” directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites.mu-plugins, short for must-use plugins, refers to plugins in a special directory (“wp-content/mu-plugins”) that are automatically executed by WordPress without the need to enable them explicitly via…
Hijacked Microsoft web domain injects spam into SharePoint servers

Mar 29, 2025 5:13 AM

Tags: microsoft, spam

The legacy domain for Microsoft Stream was hijacked to show a fake Amazon site promoting a Thailand casino, causing all SharePoint sites with old embedded videos to display it as spam. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/hijacked-microsoft-stream-classic-domain-spams-sharepoint-sites/
Multistage Info-Stealer SnakeKeylogger Targets Individuals and Businesses to Steal Login Credentials

Mar 25, 2025 7:16 PM

Tags: attack, credentials, cyber, email, infection, login, malicious, malware, spam, threat

SnakeKeylogger, a sophisticated multistage malware, has emerged as a significant threat to both individuals and businesses by targeting sensitive login credentials. This malware campaign is characterized by its stealthy in-memory execution and multi-stage infection chain, making it challenging to detect. The attack begins with a malicious spam email containing a .img file attachment, which, when…
11 ways cybercriminals are making phishing more potent than ever

Mar 25, 2025 8:13 AM

Tags: 2fa, ai, attack, authentication, awareness, breach, business, ciso, conference, corporate, credentials, cyber, cyberattack, cybercrime, cybersecurity, dark-web, data, deep-fake, detection, dns, email, exploit, finance, hacker, infrastructure, intelligence, linkedin, login, malicious, malware, mfa, microsoft, mobile, office, phishing, powershell, qr, russia, service, social-engineering, software, sophos, spam, sql, switch, theft, threat, tool

They’re luring with voice and video: Bad actors are also exploiting AI’s ability to clone voices and likenesses from audio and video clips or images found online.Combined with tools that mimic caller ID, cybercriminals can fool targets by calling them and purporting to be a family member, friend, or work colleague seeking urgent assistance. Such…
Exchange Online bug mistakenly quarantines user emails

Mar 21, 2025 7:13 PM

Tags: email, microsoft, spam

Microsoft is investigating an Exchange Online bug causing anti-spam systems to mistakenly quarantine some users’ emails. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-exchange-online-bug-mistakenly-quarantines-user-emails/
ESET Endpoint Security Outlook-Plug-in flutet Exchange Online SPAM-Ordner

Mar 21, 2025 1:13 AM

Tags: endpoint, spam

Ich stelle mal eine Beobachtung hier im Blog ein, die möglicherweise Administratoren von Exchange Online helfen könnte. Es gibt einen Bericht, dass das Outlook Plug-in von ESET Endpoint Security die SPAM-Ordner von Exchange Online-Postfächern mit Einträgen flutet. In diesem Kontext … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/21/eset-endpoint-security-outlook-plug-in-flutet-exchange-online-spam-ordner/
Attackers use CSS to create evasive phishing messages

Mar 17, 2025 5:52 PM

Tags: cisco, detection, exploit, phishing, privacy, spam, threat

Threat actors exploit Cascading Style Sheets (CSS) to bypass spam filters and detection engines, and track users’ actions and preferences. Cisco Talos observed threat actors abusing Cascading Style Sheets (CSS) to evade detection and track user behavior, raising security and privacy concerns, including potential fingerprinting. Cascading Style Sheets (CSS) is a stylesheet language used to…
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions

Mar 17, 2025 2:52 PM

Tags: cisco, cybercrime, email, exploit, malicious, spam

Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users’ actions.That’s according to new findings from Cisco Talos, which said such malicious activities can compromise a victim’s security and privacy.”The features available in CSS allow attackers and spammers…
Hackers Use CSS Tricks to Bypass Spam Filters and Monitor Users

Mar 17, 2025 8:52 AM

Tags: cyber, cybersecurity, hacker, malicious, privacy, spam, threat

Cybersecurity experts have uncovered how hackers use Cascading Style Sheets (CSS) to deceive spam filters and monitor user behavior. This sophisticated technique allows malicious actors to remain under the radar while gaining insights into user preferences and actions. The abuse of CSS for both evasion and tracking poses substantial threats to privacy and security. The…
Kurzinfo: Spam, angeblich von borncity.com Missbrauch von IP 95.211.93.115

Mar 14, 2025 3:52 PM

Tags: spam

Kurzer Hinweis an IT-Mitarbeiter und Administratoren unter der Leserschaft. Gerade bin ich von einer Stelle darüber informiert worden, dass von borncity.com “SPAM versendet wird” und es wurde ein Problem vermutet. Ich bin noch am Recherchieren, gehe aber davon aus, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/14/kurzinfo-spam-angeblich-von-borncity-com/
Kurzinfo: Spam, angeblich von borncity.com

Mar 14, 2025 1:52 PM

Tags: spam

Kurzer Hinweis an IT-Mitarbeiter und Administratoren unter der Leserschaft. Gerade bin ich von einer Stelle darüber informiert worden, dass von borncity.com “SPAM versendet wird” und es wurde ein Problem vermutet. Ich bin noch am Recherchieren, gehe aber davon aus, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/14/kurzinfo-spam-angeblich-von-borncity-com/
The most notorious and damaging ransomware of all time

Mar 14, 2025 9:52 AM

Tags: access, android, attack, backdoor, backup, banking, botnet, breach, communications, computer, control, credentials, cryptography, cyber, cybercrime, dark-web, data, defense, detection, email, encryption, endpoint, exploit, extortion, finance, flaw, framework, germany, google, government, group, hacker, hacking, healthcare, infection, infrastructure, international, jobs, korea, law, lazarus, leak, linux, malicious, malware, microsoft, mobile, msp, network, north-korea, office, open-source, oracle, password, phishing, phone, powershell, ransom, ransomware, russia, service, software, spam, switch, technology, threat, tool, ukraine, update, usa, virus, vulnerability, windows

Conti: History: First appearing in May 2020, the Conti RaaS platform is considered the successor to the Ryuk ransomware. As of January 2021, Conti is believed to have infected over 150 organizations and earned millions of dollars for its criminal developers and their affiliates. At least three new versions have been found since its inception.How it works: Conti uses the…
Google Introduces New AI-Powered Scam Detection Features for Android

Mar 5, 2025 3:34 PM

Tags: ai, android, detection, google, scam, spam

With Android Scam Detection for messages and calls, Google wants to push scam detection further than traditional spam detection First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-new-ai-scam-detection/
CISOs should address identity management ‘as fast as they can’ says CrowdStrike exec

Mar 4, 2025 12:34 AM

Tags: access, ai, attack, authentication, business, china, ciso, crowdstrike, cvss, cyberattack, disinformation, email, exploit, finance, government, identity, iran, jobs, malicious, malware, mfa, microsoft, network, north-korea, password, phishing, phone, powershell, russia, service, social-engineering, spam, switch, tactics, threat, tool, update, vulnerability

Breakout time, how long it takes for an adversary to start moving laterally across at IT network, reached an all-time low last year. The average fell to 48 minutes, while the fastest breakout time dropped to a mere 51 seconds;Voice phishing (vishing) attacks, where adversaries call victims to amplify their activities with persuasive social engineering…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 35

Mar 2, 2025 12:33 PM

Tags: attack, botnet, exploit, google, group, international, kaspersky, malware, password, ransomware, spam

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. DragonForce Ransomware Group is Targeting Saudi Arabia Massive Botnet Targets M365 with Stealthy Password Spraying Attacks Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2 #StopRansomware: Ghost (Cring) Ransomware…
Phishing-Alarm: ADAC, DocuSign, Angriffe auf Paypal und Microsoft 365-Konten

Mar 1, 2025 12:34 AM

Tags: cyberattack, finance, mail, microsoft, phishing, spam

Die Tage sind mir wieder eine Reihe Phishing-Mails oder Meldungen zu Phishing untergekommen. So wird mein Postfach von DocuSign-Phishing-Mails von Amazons E-Mail-Dienst geflutet, weil 1&1 das im SPAM-Filter nicht erkennt. Auch eine ADAC-SPAM-Nachricht kam durch. Weiterhin sollten Paypal- und Microsoft … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/01/phishing-alarm-amazon-docusign-paypal-und-co/
Over 350 High-Profile Websites Hit by 360XSS Attack

Feb 28, 2025 7:34 PM

Tags: attack, exploit, government, spam, xss

360XSS campaign exploits Krpano XSS to hijack search results & distribute spam ads on 350+ sites, including government,… First seen on hackread.com Jump to article: hackread.com/over-350-high-profile-websites-hit-by-360xss-attack/
Hackers Evade Outlook Spam Filters to Deliver Malicious ISO Files

Feb 25, 2025 7:23 AM

Tags: cyber, hacker, malicious, malware, microsoft, phishing, spam, threat

A newly discovered technique allows threat actors to circumvent Microsoft Outlook’s spam filters to deliver malicious ISO files, exposing organizations to sophisticated phishing campaigns. The bypass leverages hyperlink obfuscation to disguise malicious links as benign URLs, enabling attackers to distribute malware-laden disk image files directly to victims’ inboxes. As per a report by Afine, Security…
DOGE’s HR email is getting the ‘Bee Movie’ spam treatment

Feb 24, 2025 10:23 PM

Tags: email, spam

Over the weekend, Elon Musk surveyed his followers on X, the platform he spent $44 billion to buy, asking whether federal employees should be required to send his team an email with a list of five things they accomplished this week. With the yes votes totaling over 70%, Musk followed through. Federal employees […] First…
Cyberangriff auf Stadt Brandenburg (12. Feb. 2025)?

Feb 13, 2025 3:48 PM

Tags: cyberattack, mail, spam

Kurze Meldung in Sachen Cybersicherheit. Die Stadt Brandenburg ist wohl am am gestrigen Nachmittag, den 12. Februar 2025, das Opfer eines SPAM- oder Cyberangriffs geworden. Inzwischen schlagen SPAM-Mitteilungen mit einer angeblichen Information des Amt für Soziales und Jugend bei E-Mail-Empfängern … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/02/13/cyberangriff-auf-stadt-brandenburg-12-feb-2025/