Security News

Iran is responsible for emails sent to Democratic voters in multiple states aimed at intimidating the recipients into voting for President Donald Trump, U.S. officials said Wednesday night in calling out both Tehran and Russia for activities meant to interfere in the upcoming presidential election. The announcement at a rare, hastily called news conference just two weeks before the election underscored the concern within the U.S. government about efforts by foreign countries to spread false information meant to suppress voter turnout and undermine American confidence in the vote.

The US govt has stated that Iran is behind threatening emails sent to Democratic voters warning that they must vote for Trump or face consequences. Over the past two days, voters registered as Democrats in Florida and Alaska have received voter intimidation emails claiming to be from the far-right group known as the Proud Boys.

Hackers with access to the Signaling System 7 used for connecting mobile networks across the world were able to gain access to Telegram messenger and email data of high-profile individuals in the cryptocurrency business. Hackers pulling an SS7 attack can intercept text messages and calls of a legitimate recipient by updating the location of their device as if it registered to a different network.

Microsoft is top of the heap when it comes to hacker impersonations - with Microsoft products and services featuring in nearly a fifth of all global brand phishing attacks in the third quarter of this year. The top three phishing brands exploited by email phishing attacks were Microsoft, DHL and Apple; on the web, it was Microsoft, Google and PayPal; and for mobile, WhatsApp, PayPal and Facebook took the top spots.

An attack involving the Ryuk ransomware required 29 hours from an email being sent to the target to full environment compromise and the encryption of systems, according to the DFIR Report, a project that provides threat intelligence from real attacks observed by its honeypots. Over the past two years, Ryuk has been responsible for a significant number of high-profile attacks, including incidents involving Pennsylvania-based UHS and Alabama hospital chain DCH Health System.

To trick users into clicking these buttons, the malware distributors create Word and Excel documents that contain text and images stating that there is an issue displaying the document. The combination of text and images in these malicious attachments are called 'document templates.

"The ICO investigation found that the company was not involved in the business of supplying PPE, but that the director had decided to buy face masks to sell on at a profit," the data regulator said in a statement. The firm is also said to have "Deleted a database of key evidence which would have shown the full extent of the volume of emails they had sent" after ICO investigators contacted the company.

A phishing campaign pushing a network-compromising backdoor pretends to have the inside scoop on President Trump's health after being infected with COVID-19. To capitalize on this, the threat actors behind the BazarLoader trojan have started a new phishing campaign that pretends to have insider information on Trump's condition.

David Mitchell, Senior Director of Email Product Management at Sophos, shares his top tips to optimize workplace email security. Five steps to secure your organization's email.

Aussie telco Telstra has apologised after a Border Gateway Protocol routing oddity caused traffic destined for encrypted email service ProtonMail to wrongly pass through Telstra's servers. Switzerland-headquartered ProtonMail raged in a blog post that Telstra had engaged in "BGP hijacking" through what it described as "Incompetence and not malice", complaining that "Around 30 per cent of the global internet looking for us got pointed to Telstra instead".