Security News
Kosi Goodness Simon-Ebo, a 29-year-old Nigerian national extradited from Canada to the United States last April, pleaded guilty to wire fraud and money laundering through business email compromise. According to the plea agreement, the scammers had a high success ratio of roughly 1 to 7, making one million out of the almost seven million they attempted to steal.
Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by computer scientists at the University of California San Diego. It's called forwarding-based spoofing, and researchers found that they can send email messages impersonating these organizations, bypassing the safeguards deployed by email providers such as Gmail and Outlook.
Mistakes were made, lessons learned, stuff now fixed, says Windows maker Remember that internal super-secret Microsoft security key that China stole and used to break into US government email...
Protect Your Email With This Top-Rated Tool - Just $40 for Labor Day Mail Backup X is one of the top-rated tools on the market for backing up and archiving your emails. It's so crucial that losing access to your email or mistakenly deleting certain email messages could become a serious headache in your life.
Suspected Chinese hackers disproportionately targeted and breached government and government-linked organizations worldwide in recent attacks targeting a Barracuda Email Security Gateway zero-day, with a focus on entities across the Americas. Barracuda warned customers that the vulnerability was being exploited to breach ESG appliances on May 20, when it also patched all vulnerable devices remotely.
The U.S. Federal Bureau of Investigation is warning that Barracuda Networks Email Security Gateway appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups. It also deemed the fixes as "Ineffective" and that it "Continues to observe active intrusions and considers all affected Barracuda ESG appliances to be compromised and vulnerable to this exploit."
The FBI has warned owners of Barracuda Email Security Gateway appliances the devices are likely undergoing attack by snoops linked to China, and removing the machines from service remains the safest course of action. On Wednesday, the FBI pushed that recommendation in a flash alert [PDF] that stated it "Strongly advises all affected ESG appliances be isolated and replaced immediately."
Cybercriminals employ artificial intelligence to create complex email threats like phishing and business email compromise attacks, while modern email security systems use AI to counter these attacks, according to Perception Point and Osterman Research. Cybercriminals have shown rapid adoption of AI tools to their favor with 91.1% of organizations reporting that they have already encountered email attacks that have been enhanced by AI, and 84.3% expecting that AI will continue to be utilized to circumvent existing security systems.
Experian has agreed to cough up $650,000 after being accused of spamming people with no opt-out button. According to the Feds [PDF], California-based Experian Consumer Services, also known as ConsumerInfo.com, spammed folks with marketing offers after they signed up for free accounts to limit third-party access to their credit reports.
To counteract new and emerging threat methods enhanced by artificial intelligence, specialized email security vendors are leveraging a synergy of AI and human insights to enhance email security, according to IRONSCALES and Osterman Research. Over 74% of respondents have experienced an increase in the use of AI by cybercriminals in the past six months, and over 85% believe that AI will be used to circumvent their existing email security technologies.