Tag: Email security
-
The Evolution of IcedID: From Banking Fraud to malware Delivery
New versions of IcedID no longer possess the capability for unusual online banking fraud. It concentrates on spreading more malware on compromised systems. According to the cybersecurity website, since late last year, three different hackers have used these new variants in seven operations. Moreover, all these operations have as their primary objective; the distribution of…
-
Microsoft is stepping up its efforts to prevent hazardous emails
Microsoft is launching a new Exchange Online security feature. Moreover, it is likely that after 90 days of administrators being notified to secure them, any emails sent from “persistently vulnerable exchange servers” will be throttled and eventually stopped. These Exchange servers are found in on-premises or hybrid settings. They are either running out-of-date software or…
-
Cybersecurity Maturity Report demonstrates organizational unpreparedness for cyberattacks
The new Cybersecurity Maturity Report reveals cyberattacks surged by 38% in 2022 alone, resulting in significant company loss, including financial and brand damage. Meanwhile, corporate security expenses have grown dramatically as a result of the increasing sophistication of assaults and the proliferation of cybersecurity solutions on the market. How equipped are companies and countries to…
-
Microsoft provides tips on identifying Outlook zero-day exploits
Microsoft released a guide for customers with detection indicators of infiltration by exploiting a recently fixed Outlook zero-day vulnerability. This privilege escalation security gap is in the Outlook client for Windows. It is tracked as CVE-2023-23397, and it allows attackers to obtain NTLM hashes without user intervention in NTLM-relay zero-click attacks. Cybercriminals can use it…
-
Hackers use Google Chrome extensions to access your Gmail
Kimsuky used Google Chrome extensions to steal the target’s Gmail emails. Kimsuky also known as Thallium, Velvet Chollima is a North Korean threat organization. It conducts cyber-espionage against diplomats, journalists, government agencies, university academics, and politicians through spear phishing. Initially targeting South Korean targets, the threat actors gradually expanded their operations to the United States…
-
Businesses: Stop employing the worst passwords imaginable
According to the survey, many organizations are still not taking account security seriously enough. Business passwords are still being broken at an alarming rate. Moreover, many businesses continue to utilize the most readily hackable strings possible. Password management business Specops Software examined over 800 million leaked passwords in its annual Weak Password Report. It concluded…
-
Discover Dark Data Challenges in Your Business
Don’t be fooled by the name: dark data is all too transparent – to evil actors, that is. Dark data is information that a corporation retains but no longer requires. It is often surprising to see how much data is stashed away in the computer systems of companies- on laptops, file servers, and cell phones.…
-
Email security is more concerning for organizations
According to the research, all businesses are concerned about email security. According to a recent Egress research, we’re all becoming increasingly concerned about email security. Moreover, the hazards that fraudulent communications represent are also increasing. According to the cybersecurity website, 99% of cybersecurity executives are concerned if they have secure email. While the majority of them around 98%…
-
Microsoft Exchange servers are under attack for phishing via OAuth App
Attackers get access to Microsoft Exchanges Servers and use them for phishing emails. Attackers adopt various ways of getting access to the important information of users. Attack through Oauth App is one of the attempts to hijack systems to send phishing emails to the users. According to Microsoft 365 Defender team, the attackers attack those…
-
What do hackers do for more realistic phishing attacks?
Sock pockets, a new campaign by hackers. Iranian group of hackers is using phishing techniques where these hackers use multiple email accounts and personas that target into thinking people the conversation is real. Hackers send an email while CCing some other email, that is under their control, and start a fake conversation. The researchers named…