Security News
In an Internet-wide scan conducted during the study, 320,000 email servers were found vulnerable to what's called a command injection attack. The attacks require that the malicious party can tamper connections established between an email client and the email server of a provider and has login credentials for their own account on the same server.
In an Internet-wide scan conducted during the study, 320,000 email servers were found vulnerable to what's called a command injection attack. The attacks require that the malicious party can tamper connections established between an email client and the email server of a provider and has login credentials for their own account on the same server.
The Lithuanian Ministry of Foreign Affairs has declined to comment about the authenticity of email files allegedly stolen from its network and offered for sale on a data-trading forum. According to the seller, the cache contains 102 PST files converted from OST data and is around 300GB large.
Customers who signed up for emails from fast-food chain Chipotle Mexican Grill were recently faced with bigger challenges than queso versus sour cream. The Inky report, posted Friday, found 121 phishing emails sent from the compromised Chipotle Mailgun account sent between July 13 and July 16.
All the malicious emails were sent via the Constant Contact mailing service using the compromised account of the United States Agency for International Development. "Analysis of the email headers revealed that the messages originated from Mailgun servers and passed email authentication for chipotle[.]com," says Inky.
The US Department of Justice says that the Microsoft Office 365 email accounts of employees at 27 US Attorneys' offices were breached by the Russian Foreign Intelligence Service during the SolarWinds global hacking spree. Even though other districts were also affected by the attacks to a lesser degree, the Russian SVR state hackers managed to breach the O365 email accounts of at least 80 percent of employees from US Attorneys' offices located in the Eastern, Northern, Southern, and Western Districts of New York.
A 21-year-old Rhode Island woman has pleaded guilty to targeting candidates for political office and their campaign staff with phishing emails. The woman, Diana Lebeau, of Cranston, R.I., admitted in court to sending phishing emails to roughly 22 members of the campaign staff of a political candidate, posing as the campaign's managers or co-chairs.
Chipotle.com, the deception would be evident upon examining the raw email header data. "It is important that recipients notice the discrepancy between a sender's display name and its actual email address," wrote Bukar Alibe, cyber security analyst at INKY, in a blog post provided to The Register.
Hackers have compromised an email marketing account belonging to the Chipotle food chain and used it to send out phishing emails, luring recipients to malicious links. The campaign sent out in three days at least 120 malicious emails from a hacked Mailgun account used by Chipotle for email marketing purposes.
Pathwire released the results of its Data Compliance Survey, a survey of 1,000 IT and marketing decision-makers across the globe on the most common data privacy and compliance trends and challenges. The majority of survey respondents were based in EMEA and North America, which indicates that almost all organizations represented in the study would fall, General Data Protection Regulation, CAN-SPAM Act and/or the California Consumer Protection Act.