Security News
Our tale, from a reader Regomised as "Ali", takes place nearly 20 years ago, when he was in his first job in IT. His career, in a manner familiar to many, began on the helpdesk. Ali's helpdesk tickets up until this point had mainly consisted of users not knowing how to use the service: "Like how do I get my email, why can't I edit my site, what do you mean I need to own a computer to work on a website - I just bought a modem!".
Secure email gateway protections aren't necessarily enough to stop phishing emails from delivering ransomware to employees, especially if the cybercrooks are using legitimate cloud services to host malicious pages. Researchers are raising the alarm over a phishing email kicking off a Halloween-themed MICROP ransomware offensive, which they observed making its way to a target's inbox despite its being secured by an SEG. Infection Routine.
The U.S. Department of State is offering a $10 million reward for information about the activities of two Iranian nationals charged for cyber activity intended to "Intimidate and influence" American voters during the 2020 U.S. presidential campaign. An indictment unsealed today by the Department of Justice alleges that between September and November 2020, 24-year old Seyyed Mohammad Hosein Musa Kazemi and 27-year old Sajjad Kashian obtained information of more than 100,000 U.S. voters and used it "Sow discord among Americans."
Vinny Troia, the cybersecurity researcher mentioned in a fake alert gushed out of the FBI's email system, says it's just one of a string of jabs from a childish but cybercriminally talented tormentor. Vinny Troia, the cybersecurity researcher mentioned in a fake alert gushed out to thousands of people from the FBI's own email system on Friday night, has fingered the guy who allegedly pulled off the exploit.
On Saturday, spam tracker Spamhaus tweeted that it had learned of "Scary" emails being sent purportedly from the FBI and Department of Homeland Security. Though the emails were sent from a portal owned by the FBI and DHS, Spamhaus said that the messages themselves were fake.
Extending encryption to your email system, and the precious documents and info it holds, should be a no-brainer. Any email security effort will come up against a range of blockers, from access concerns, compliance issues, and the challenges of maintaining a joyful user experience, across multiple devices.
The Spamhaus Project, a European nonprofit that monitors email spam, detected the exploit and tweeted about it early Saturday morning, saying that "We have been made aware of 'scary' emails sent in the last few hours that purport to come from the FBI/DHS. While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS, our research shows that these emails *are* fake." "Hi its pompompurin. Check headers of this email it's actually coming from FBI server. I am contacting you today because we located a botnet being hosted on your forehead, please take immediate action thanks."
The data for approximately 7 million Robinhood customers stolen in a recent data breach are being sold on a popular hacking forum and marketplace. Last week, Robinhood disclosed a data breach after one of its employees was hacked, and the threat actor used their account to access the information for approximately 7 million users through customer support systems.
The U.S. Federal Bureau of Investigation on Saturday confirmed unidentified threat actors have breached one of its email servers to blast hoax messages about a fake "Sophisticated chain attack." "Vinny Troia wrote a book revealing information about hacking group TheDarkOverlord. Shortly after, someone began erasing ElasticSearch clusters leaving behind his name. Later his Twitter was hacked, then his website. Now a hacked FBI email server is sending this," Hutchins tweeted.
Well-known email tracking organisation Spamhaus, which maintains lists of known senders of spams and scams, is warning of a fraudulent "FBI/Homeland Security" alert that has apparently been widely circulated to network administrators and other IT staff in North America. Urgent: Threat actor in systems Our intelligence monitoring indicates exfiltration of several of your virtualized clusters in a sophisticated chain attack.