Security News

As TechRepublic has reported previously, business email compromise - or BEC - attacks are on the upswing, particularly as threat actors use such tactics as third-party reconnaissance to impersonate vendors. Email security firm Armorblox reported a rise in nearly all forms of email attack last year.

Phishers are targeting YouTube content creators by leveraging the service's Share Video by Email feature, which delivers the phishing email from an official YouTube email address. The email informs the targets of a new monetization policy, new rules, and prompts them to view a video.

A Russian hacking group tracked as TA473, aka 'Winter Vivern,' has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since February 2023 to steal the emails of NATO officials, governments, military personnel, and diplomats. Today, Proofpoint has published a new report on how the threat actor exploits CVE-2022-27926 on Zimbra Collaboration servers to access the communications of NATO-aligned organizations and persons.

Webinar Business email compromise is possibly the worst of cybercrimes because it abuses trust. It feeds on relationships carefully nurtured over decades and erodes a confidence which is foundational to cooperation, and progress.

Microsoft aims to make it impossible for unsupported and/or unpatched on-prem Microsoft Exchange servers to use the company's Exchange Online hosted cloud service to deliver email. Blocking potentially malicious emails from reaching Exchange Online.

Microsoft is introducing a new Exchange Online security feature that will automatically start throttling and eventually block all emails sent from "Persistently vulnerable Exchange servers" 90 days after the admins are pinged to secure them.It will also be able to throttle and eventually block emails from Exchange servers that haven't been remediated before reaching Exchange Online mailboxes.

The Federal Bureau of Investigation is warning companies in the U.S. of threat actors using tactics similar to business email compromise that allow less technical actors to steal various goods from vendors. Typical business email compromise attacks focus on stealing money by tricking the victim into diverting funds to the fraudster's account.

A joint cybersecurity advisory from the German Federal Office for the Protection of the Constitution and the National Intelligence Service of the Republic of Korea warn about Kimsuky's use of Chrome extensions to steal target's Gmail emails. Kimsuky is a North Korean threat group that uses spear phishing to conduct cyber-espionage against diplomats, journalists, government agencies, university professors, and politicians.

Amid all of the buzz around ChatGPT and other artificial intelligence apps, cybercriminals have already started using AI to generate phishing emails. In the end, human-generated phishing mails caught more victims than did those created by ChatGPT. Specifically, the rate in which users fell for the human-generated messages was 4.2%, while the rate for the AI-generated ones was 2.9%. That means the human social engineers outperformed ChatGPT by around 69%. One positive outcome from the study is that security training can prove effective at thwarting phishing attacks.

An open source adversary-in-the-middle phishing kit has found a number of takers in the cybercrime world for its ability to orchestrate attacks at scale. DEV-1101, per the tech giant, is said to be the party behind several phishing kits that can be purchased or rented by other criminal actors, thereby reducing the effort and resources required to launch a phishing campaign.