Security News

A massive ad fraud campaign named "SubdoMailing" is using over 8,000 legitimate internet domains and 13,000 subdomains to send up to five million emails per day to generate revenue through scams and malvertising. "The campaign is called"SubdoMailing, as the threat actors hijack abandoned subdomains and domains belonging to well-known companies to send their malicious emails.

A financial services company that illegally dispatched tens of thousands of spam messages promising to help the recipients magically wipe away their debts is itself now a debtor to the UK's data regulator. Free Debt Help can consolidate your unaffordable payments, write off up to 85 percent of your total debt Check if you qualify text HELP or Stop2Stop.

Food delivery company HelloFresh is nursing a £140,000 fine by Britain's data privacy watchdog after a probe found it had dispatched upwards of a staggering 79 million spam email and one million texts in just seven months. The Information Commissioner's Office says the company claimed messages were based on an opt-in statement, yet this statement did not include any reference to the sending of marketing messages via text.

Google has officially announced it's ceasing support for Usenet groups on its Google Groups platform, a move partly attributed to the platform's increasing struggle with spam content. The upcoming changes will take effect from February 22, 2024, after which users can no longer post, subscribe, or view new Usenet content through Google Groups.

A new Python project called 'Wall of Flippers' detects Bluetooth spam attacks launched by Flipper Zero and Android devices. The ability to launch Bluetooth LE spam attacks using the Flipper Zero portable wireless pen-testing and hacking tool was first demonstrated in September 2023 by security researcher 'Techryptic.

Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Microsoft Threat Intelligence has observed a number of attacks that started with attackers compromising poorly secured accounts that have permissions to create, modify, and grant high privileges to OAuth applications.

Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious...

Recent Flipper Zero Bluetooth spam attacks have now been ported to an Android app, allowing a much larger number of devices to implement these annoying spam alerts. Inspired by previous research on the topic and Flipper Zero applets targeting iOS devices, and later Android and Windows, software developer Simon Dankelmann developed an Android app capable of the same Bluetooth spam.

A custom Flipper Zero firmware called 'Xtreme' has added a new feature to perform Bluetooth spam attacks on Android and Windows devices. The main idea behind the spam attack is to use Flipper Zero's wireless communication capabilities to spoof advertising packets and transmit them to devices in range of pairing and connection requests.

Microsoft has disabled a bad anti-spam rule flooding Microsoft 365 admins' inboxes with blind carbon copies of outbound emails mistakenly flagged as spam. This false positive issue affected Exchange Online users worldwide, with many reports saying that all emails sent to external addresses were being tagged as spam.