Brand spoofing: criminals increasingly disguise themselves as local businesses
Suspicious emails usually appear to come from Microsoft or Amazon. However, criminals are becoming increasingly cunning with the brands they mimic, so potential victims do not readily recognize the deception.
Mimecast looked at an overview of criminal activity through email campaigns in its Octo... Read more
‘Quishing attacks surge and bypass email security’
Email attacks using QR codes increased significantly in the last quarter of 2023. Researchers are concerned because quishing attacks are increasingly able to bypass email security solutions or spam filters.
Researchers at Abnormal Security found in a study that quishing attacks involving malicio... Read more
New form of phishing: What is quishing and why is it dangerous?
Phishing is a technique that is still commonly used by hackers even though the attack is years old. Small changes to the technique breathe new life into the phishing scheme each time. This mainly involves changing the medium. Whereas phishing was traditionally spread via email, hackers later switch... Read more
Barracuda zero-day exploited for espionage in Belgium, Germany and Poland
The Chinese hackers who broke into Barracuda's Email Security Gateway (ESG) devices appeared to be primarily interested in devices belonging to politically important targets. The hackers spared no expense to maintain a presence in these devices after a patch was released. Barracuda eventually decid... Read more
Backdoor malware targets unrecoverable Barracuda ESG appliances
A new backdoor malware has targeted Barracuda's Email Security Gateway (ESG) appliances. Customers who have not yet replaced the unrecoverable appliances will have to hurry.
CISA discovered the backdoor malware "Whirlpool" designed to exploit the vulnerability in Barracuda's ESG appliances. Thi... Read more
Microsoft’s cybersecurity criticized again: ‘Even worse than we thought’
A "critical" vulnerability in Azure AD just won't be addressed by Microsoft. The tech giant appears to have known about it since March but keeps putting off fixing it. The CEO of the cybersecurity company that reported the vulnerability is now expressing his frustration with this slow response onli... Read more
New phishing tactic abuses Google AMP to trick email security solutions
Hackers have found a way to circumvent mailbox security solutions. A higher number of phishing emails end up in employees' inboxes as a result.
Through Google Accelerated Mobile Pages (AMP), hackers can still get phishing messages into companies' mailboxes. Hackers extend the URL leading to the... Read more
Chinese email hack only detectable with most expensive Microsoft subscription
Among Microsoft's cloud computing services are detection tools that could have detected the Chinese email hack. The right tools are only part of the most comprehensive and most expensive subscription. In the US, they want to see things changed.
The Biden administration wonders if Microsoft shou... Read more
‘Chinese email hack affects Western European governments’
Microsoft revealed this week that Chinese hackers were conducting spying operations on U.S. organizations. The leaked information would include email messages from Commerce Secretary Gina Raimondo, who plays a crucial role in export restrictions to China surrounding computer chips.
The email hac... Read more
Bug in Barracuda Email Gateway Defense blocks login attempts
Users of Barracuda's Email Gateway Defense are unable to access their accounts. The company anticipates providing a fix by July 14.
A flaw in Barracuda's Email Gateway Defense is locking users out of their accounts. A login attempt is followed by the message 'The link to log in is invalid'.
... Read more