Security News

CISA: Roundcube email server bug now exploited in attacks
2024-02-12 19:03

CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting attacks. The security flaw is a persistent cross-site scripting bug that lets attackers access restricted information via plain/text messages maliciously crafted links in low-complexity attacks requiring user interaction.

Crime gang targeted jobseekers across Asia, looted two million email addresses
2024-02-09 04:03

Singapore-based infosec firm Group-IB has detected a group that spent the last two months of 2023 stealing personal info from websites operated by jobs boards and retailers websites across Asia. The actors, dubbed "ResumeLooters" by Group-IB, used SQL injection and Cross-Site Scripting attacks to steal databases from the sites.

Microsoft fixes connection issue affecting Outlook email apps
2024-02-01 19:53

Microsoft has fixed a known issue causing desktop and mobile email clients to fail to connect when using Outlook.com accounts. "For Outlook 2013 and Outlook 2016, if you are still seeing authentication prompts, please ensure you've enabled two step verification and create an app password. Use the app password in place of your normal password when Outlook prompts for authentication."

Microsoft sheds some light on Russian email heist – and how to learn from Redmond's mistakes
2024-01-27 00:32

Microsoft, a week after disclosing that Kremlin-backed spies broke into its network and stole internal emails and files from its executives and staff, has now confirmed the compromised corporate account used in the genesis of the heist didn't even have multi-factor authentication enabled. On Thursday, Redmond admitted Midnight Blizzard - a Moscow-supported espionage team also known as APT29 or Cozy Bear - "Utilized password spray attacks that successfully compromised a legacy, non-production test tenant account that did not have multifactor authentication enabled."

Microsoft Says State-Sponsored Attackers Accessed Senior Leaders’ Emails
2024-01-25 16:58

Microsoft disclosed on Jan. 19 that a nation-state backed attack occurred beginning in November 2023 in which the Russian state-sponsored threat actor group Midnight Blizzard accessed some Microsoft corporate emails and documents through compromised email accounts. The attackers gained access in November 2023 using a legacy test tenant account.

HPE joins the 'our executive email was hacked by Russia' club
2024-01-25 02:02

HPE has become the latest tech giant to admit it has been compromised by Russian operatives. HPE "Immediately activated our response process to investigate, contain, and remediate the incident, eradicating the activity."

HPE: Russian hackers breached its security team’s email accounts
2024-01-24 21:50

Hewlett Packard Enterprise disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company's Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments. In a new Form 8-K SEC filing, HPE says they were notified on December 12th that the suspected Russian hackers breached their cloud-based email environment in May 2023.

What Microsoft's latest email breach says about this IT security heavyweight
2024-01-24 11:02

Microsoft declined to answer The Register's questions about the digital heist, or its security in general. This marks the second time since 2020 the same gang of Kremlin-backed cyber spies - whom Microsoft now calls Midnight Blizzard, used to track as Nobelium, and most call Cozy Bear - has invaded Microsoft.

Trello API abused to link email addresses to 15 million accounts
2024-01-23 21:31

An exposed Trello API allows linking private email addresses with Trello accounts, enabling the creation of millions of data profiles containing both public and private information. In a conversation with emo, BleepingComputer learned that a publicly exposed API was used to associate email addresses with public Trello profiles.

Organizations need to switch gears in their approach to email security
2024-01-23 04:00

Email security risks remain high with 94% of organizations experiencing incidents in the past 12 months, according to Egress. The impact of an email security incident can be severe for employees and their organizations.