Saturday, December 14, 2024

Email Security

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top five industries targeted by subject-customized emails, which often leverage personal information like names, emails, phone...

Beware Of Callback Phishing Attacks Google Groups That Steal Login Details

Callback phishing is a two-step attack involving phishing emails and phone calls. Victims are lured into calling a bogus number in the email, where...

Hackers Abuse HTML Smuggling Technique To Deliver Sophisticated Phishing Page

Phishing attackers employed an HTML smuggling technique to deliver a malicious payload, as the attack chain started with a phishing email mimicking an American...

Beware Of New Phishing Attack That Mimics ScreenConnect And Zoom

Zoom is a widely used videotelephony software used for virtual meetings, and its wide audience base attracts the hackers most.Cyble Research & Intelligence Labs...

Operation DevilTiger, APT Hackers 0-Day Exploitation Tactics Exposed

The APT-Q-12 group, also known as Pseudo Hunter, is a Northeast Asian threat actor linked to Darkhotel, which primarily targets East Asian countries, including...

0-Click Outlook RCE Vulnerability Triggered When Email is Clicked – Technical Analysis

NetSPI discovered that Microsoft Outlook is vulnerable to authenticated remote code execution (CVE-2024-21378) due to improper validation of synchronized form objects. By manipulating a configuration...

North Korean Kimusky Group Attacking University Professors

Kimsuky, a North Korean APT group, employs targeted phishing campaigns, leveraging DMARC exploitation to conceal social engineering, infiltrate university networks, and steal research for...

Microsoft 365 Vulnerability Let Hackers Bypass Anti-phishing Feature

A vulnerability in Microsoft 365 (formerly Office 365) has been found that allows malicious actors to bypass anti-phishing measures.One of the anti-phishing features available...

Emojis Are To Express Emotions, But CyberCriminals For Attacks

There are 3,664 emojis that can be used to express emotions, ideas, or objects in digital communication.While seemingly harmless, criminals are increasingly exploiting emojis...

New Poco RAT Weaponizing 7zip Files Using Google Drive

The hackers weaponize 7zip files to pass through security measures and deliver malware effectively.These archived files can hide malicious content, which makes it more...

New ShadowRoot Ransomware Attacking Business Via Weaponized PDF’s

X-Labs identified basic ransomware targeting Turkish businesses, delivered via PDF attachments in suspicious emails from the internetru domain. PDF links trigger exe payload downloads, which...