Tag: spam
-
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution.The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score of 9.8 out of a maximum of 10.0. They were addressed in…
-
200,000 WordPress Sites Exposed to Cyber Attack, Following Plugin Vulnerability
A critical security vulnerability has been discovered in the popular WordPress plugin Anti-Spam by CleanTalk, which is installed on over 200,000 websites. The vulnerability, which includes two distinct flaws (CVE-2024-10542 and CVE-2024-10781), could allow attackers to install and activate arbitrary plugins on affected websites, potentially leading to remote code execution and full site compromise. Website owners…
-
Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites
Two vulnerabilities in the Anti-Spam by CleanTalk WordPress plugin allowed attackers to execute arbitrary code remotely. The post Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/critical-vulnerabilities-found-in-anti-spam-plugin-used-by-200000-wordpress-sites/
-
Ursnif Trojan Campaign Targets U.S. Professionals via Stealthy Spam Attacks
The Ursnif banking Trojan, one of the most notorious forms of malware targeting financial data, has been observed in a sophisticated campaign using advanced techniques to avoid detection and steal sensitive information. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/ursnif-banking-trojan/
-
WordPress-Plug-in Anti-Spam by Cleantalk gefährdet 200.000 Seiten
Im WordPress-Plug-in Anti-Spam by Cleantalk klaffen gleich zwei Sicherheitslücken, durch die nicht authentifizierte Angreifern Instanzen kompromittieren können. First seen on heise.de Jump to article: www.heise.de/news/Wordpress-Plug-in-Anti-Spam-by-Cleantalk-gefaehrdet-200-000-Seiten-10175993.html
-
Three-Quarters of Black Friday Spam Emails Identified as Scams
Bitdefender found that 77% of Black Friday-themed spam emails in 2024 have been identified as scams, with attackers becoming more creative in their campaigns First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/black-friday-spam-emails-scams/
-
60% of Emails with QR Codes Classified as Spam or Malicious
60% of QR code emails are spam according findings from Cisco Talos, who also identified attackers using QR code art to bypass security filters First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/60-emails-qr-codes-spam-malicious/
-
Malicious QR Codes: How big of a problem is it, really?
QR codes are disproportionately effective at bypassing most anti-spam filters. Talos discovered two effective methods for defanging malicious QR codes, a necessary step to make them safe for consumption. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/malicious_qr_codes/
-
Malicious QR codes
QR codes are disproportionately effective at bypassing most anti-spam filters, as most filters are not designed to recognize that a QR code is present in an image and decode the QR code. According to Talos’ data, roughly 60% of all email containing a QR code is spam. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/malicious_qr_codes/
-
Spotify abused to promote pirated software and game cheats
Spotify playlists and podcasts are being abused to push pirated software, game cheat codes, spam links, and “warez” sites. By injecting targeted keywords and links in playlist names and podcast descriptions, threat actors may benefit from boosting SEO for their dubious online properties appearing in Google. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/spotify-abused-to-promote-pirated-software-and-game-cheats/
-
Scammers Use DocuSign API to Evade Spam Filters with Phishing Invoices
First seen on hackread.com Jump to article: hackread.com/scammers-docusign-api-spam-filters-phishing-invoices/
-
DocuSign Abused to Deliver Fake Invoices
Cybercriminals are abusing DocuSign APIs to send bogus email messages that bypass protections such as spam and phishing filters. The post DocuSign Abu… First seen on securityweek.com Jump to article: www.securityweek.com/docusign-apis-abused-to-deliver-fake-invoices/
-
Spooky Spam, Scary Scams: Halloween Threats Rise
Halloween-themed spam has risen sharply this season, with Bitdefender reporting that 40% of these emails contain malicious content designed to scam us… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/spooky-spam-scary-scams-halloween-threats-rise/
-
Simple Mail Transfer Pirates: How threat actors are abusing third-party infrastructure to send spam
Many spammers have elected to attack web pages and mail servers of legitimate organizations, so they may use these pirated resources to send unsolicit… First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/simple-mail-transfer-pirates/
-
Cofense announces Client-Specific Privacy-Assured AI Spam Filtering
New advancements to the Cofense Phishing Detection and Response (PDR) platform improve visibility of dangerous email-based threats helping SOC teams r… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/cofense-announces-client-specific-privacy-assured-ai-spam-filtering/
-
GMX und Web.de filtern wöchentlich 1,9 Milliarden Spam-Mails auch dank KI
First seen on heise.de Jump to article: www.heise.de/news/GMX-und-Web-de-filtern-woechentlich-1-9-Milliarden-Spam-Mails-auch-dank-KI-9983886.html
-
Rspamd: Open-source spam filtering system
Rspamd is an open-source spam filtering and email processing framework designed to evaluate messages based on a wide range of rules, including regular… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/07/rspamd-open-source-spam-filtering/
-
Hackers Abusing Third-Party Email Infrastructure to Send Spam Mails
Hackers are increasingly exploiting third-party email infrastructures to send spam emails. This tactic complicates the detection and prevention of spa… First seen on gbhackers.com Jump to article: gbhackers.com/hackers-abusing-third-party-email-infrastructure/
-
Phishing-Warnung: Spam-E-Mails im Namen des BSI
First seen on heise.de Jump to article: www.heise.de/news/Phishing-Warnung-Spam-E-Mails-im-Namen-des-BSI-9863496.html
-
Warnung vor Comdirect SMS-Spam
Ein Blog-Leser hat mich per Mail informiert, dass er derzeit vermehrt SMS-Spam erhält, der auf Kunden der Comdirect-Bank abzielt. In der SMS heißt es … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/09/01/warnung-vor-comdirect-sms-spam/
-
Verkada to pay $2.95 million for alleged CAN-SPAM Act violations
The Federal Trade Commission (FTC) requires security camera vendor Verkada to create a comprehensive information security program as part of a settlem… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/verkada-to-pay-295-million-for-alleged-can-spam-act-violations/
-
Problem: SPAM-Welle über Mailing-Listen (Google Groups, Microsoft)
Im Kontext des Themas Abwehr von SPAM greife ich noch einen Sachverhalt auf, der aktuell wohl zum Problem wird. Mailing-Listen von Google Groups oder … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/08/28/problem-spam-welle-ber-mailing-listen-google-groups-microsoft/
-
A misuse of Spamhaus blocklists: PART 2 How to limit outbound spam
Tags: spamIf you’ve skipped the first part of this series, we strongly recommend you go and read this blog first to understand the misuse of Spamhaus blocklists… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/a-misuse-of-spamhaus-blocklists-part-2-how-to-limit-outbound-spam/
-
Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks
Malicious actors are using a cloud attack tool named Xeon Sender to conduct SMS phishing and spam campaigns on a large scale by abusing legitimate ser… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/xeon-sender-tool-exploits-cloud-apis.html
-
Fraud tactics and the growing prevalence of AI scams
In the first six months of 2024, Hiya flagged nearly 20 billion calls as suspected spam more than 107 million spam calls everyday. The data showed spa… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/23/fraud-tactics-ai-scams/
-
New Tool Xeon Sender Enables Large-Scale SMS Spam Attacks
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/xeon-sender-enables-sms-spam/
-
Azure domains and Google abused to spread disinformation and malware
A clever disinformation campaign engages several Microsoft Azure and OVH cloud subdomains as well as Google search to promote malware and spam sites. … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/azure-domains-and-google-abused-to-spread-disinformation-and-malware/
-
Indian telecom regulator orders crackdown on spam calls
First seen on therecord.media Jump to article: therecord.media/indian-telecom-regulator-cracks-down-spam
-
Hackers posing as Ukraine’s Security Service infect 100 govt PCs
Attackers impersonating the Security Service of Ukraine (SSU) have used malicious spam emails to target and compromise systems belonging to the countr… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-posing-as-ukraines-security-service-infect-100-govt-pcs/
-
Proofpoint: Betrüger verschicken Millionen Spam-Mails im Namen von Disney & Co.
First seen on heise.de Jump to article: www.heise.de/news/Proofpoint-Betrueger-verschicken-Millionen-Spam-Mails-im-Namen-von-Disney-Co-9818191.html