Security News

The Alaska court system said Tuesday it had restored email capabilities nearly two weeks after a cybersecurity attack. The court system, in a statement, said it doesn't know who was behind the attack, why the court system was targeted or how long it will be before services are fully back online.

Abnormal Security removed the blog post after receiving legal notice from Zix. Through their PR agency, Zix contacted us to say that the blog post was removed because they believe it contained multiple false and misleading statements, and they asked us to remove our article or issue a retraction.

A Microsoft Outlook update released today for the desktop client introduced bugs that prevent users from creating or viewing mail. In an incident status message in the Microsoft 365 Admin Center titled 'EX255650: Issue affecting viewing email content in Outlook', Microsoft states that they have identified the root cause of the issue and released a fix.

Trend Micro's hosted email security product is experiencing a global brownout. Trend's sparse notification says the company is "Aware of some email delivery delays in Hosted Email Security and Pre-filter products affecting customers in all regions. We are currently addressing the issue and hope to have it resolved as soon as possible."

Microsoft is working on addressing an Office 365 issue that has resulted in legitimate emails sent from multiple domains getting tagged as malicious and quarantined. "Users having multiple issues related to email flow, links within email messages and the Microsoft Defender portal," Microsoft says in the Microsoft 365 admin center.

Exim is a popular mail transfer agent used on Unix-like operating systems, with over 60% of the publicly reachable mail servers on the Internet running the software. A Shodan search reveals nearly four million Exim servers that are exposed online.

Microsoft detected a large-scale business email compromise campaign that targeted more than 120 organizations using typo-squatted domains registered a few days before the attacks started. BEC scammers use various tactics to compromise business email accounts, later used to redirect payments to bank accounts under their control or target employees in gift card scams.

Regardless of the anti-malware tools, firewalls, Sender Policy Framework or Domain-based Message Authentication, Reporting and Conformance solutions in place, it is clear that phishing emails are reaching individuals and organizations at an unprecedented rate, causing more consistently detrimental effects than many other security threats combined. What is the answer for businesses like FatFace or those desperate to avoid falling victim to this level of cybercrime? Bolstering email security is ultimately about striking the balance between protective technologies and sufficient staff training.

The cockup, which happened on Monday, had locals in the borough of Tower Hamlets receive emails with hundreds of addresses visible. Register reader Patrick, who was the unlucky recipient of one such message, told us: "The email I received had 400 recipients in the To: field, I assume because Outlook has a limit of 500... Just assuming that I received all the Bs and Cs - then that's ~5,000 email addresses they leaked."

Echoworx announced the introduction of biometric authentication to its Echoworx Email Encryption platform, enabling secure passwordless authentication options. By leveraging biometrics, along with their growing list of seven authentication options, Echoworx enables enterprises with the option to access encrypted communications in seconds, without the need for registration, questions or passwords.