Security News

A newly discovered and uncommonly stealthy Advanced Persistent Threat group is breaching corporate networks to steal Exchange emails from employees involved in corporate transactions such as mergers and acquisitions. Mandiant researchers, who discovered the threat actor and now track it as UNC3524, say the group has demonstrated its "Advanced" capabilities as it maintained access to its victims' environments for more than 18 months.

A newly discovered and uncommonly stealthy Advanced Persistent Threat group is breaching corporate networks to steal Exchange emails from employees involved in corporate transactions such as mergers and acquisitions. "Once UNC3524 successfully obtained privileged credentials to the victim's mail environment, they began making Exchange Web Services API requests to either the on-premises Microsoft Exchange or Microsoft 365 Exchange Online environment," Mandiant said.

Security analysts have uncovered a recent phishing campaign from Russian hackers known as APT29 targeting diplomats and government entities. In a new campaign spotted by threat analysts at Mandiant, APT29 is targeting diplomats and various government agencies through multiple phishing campaigns.

Although it had previously been foiled by a global law enforcement effort, it looks like Emotet malware has returned behind a new campaign. New findings from cybersecurity company Check Point show that Emotet has reemerged since November 2021 as the most prevalent form of malware through an aggressive email drive using Easter themed phishing scams to distribute the botnet.

Echoworx's release of a commissioned study conducted on their behalf by Forrester Consulting reveals the evolution of email security strategies and the importance of user experience. Echoworx provides email encryption solutions that are smarter and more adaptive.

An unpatched high-severity security flaw has been disclosed in the open-source RainLoop web-based email client that could be weaponized to siphon emails from victims' inboxes. "The code vulnerability can be easily exploited by an attacker by sending a malicious email to a victim that uses RainLoop as a mail client," SonarSource security researcher Simon Scannell said in a report published this week.

On overwhelming number of security teams believe their email security systems to be ineffective against the most serious inbound threats, including ransomware. "Security team managers are most concerned that current email security solutions do not block serious inbound threats, which requires time for response and remediation by the security team before dangerous threats are triggered by users," according to the report, released Wednesday.

This WordPress plugin protects the emails displayed on your website We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. You can still display email addresses according to custom preferences, with control over fonts, colors and more, but you'll ensure that criminal data mining misses those emails when trawling the web.

A new WhatsApp phishing campaign impersonating WhatsApp's voice message feature has been discovered, attempting to spread information-stealing malware to at least 27,655 email addresses. Information-stealing malware is aggressively distributed today via various means, with phishing remaining a primary channel for threat actors.

Email marketing service Mailchimp on Monday revealed a data breach that resulted in the compromise of an internal tool to gain unauthorized access to customer accounts and stage phishing attacks. Although Mailchimp stated it acted quickly to terminate access to the breached employee account, the siphoned credentials were used to access 319 MailChimp accounts and further export the mailing lists pertaining to 102 accounts.