email security

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails

email security, Emerging Threats, Vulnerabilities /

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails 2024-10-21 at 17:33 By Katrina Udquin Introduction Previously, Trustwave SpiderLabs covered a massive fake order spam scheme that impersonated a tech support company and propagated via Google Groups. Since then, we have observed more spam campaigns using this hybrid form of cyberattack […]

React to this headline:

Loading spinner

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails Read More »

Combating Misinformation and Cyber Threats to Secure the 2024 US Election

Artificial Intelligence, email security, Emerging Threats, Government, Vulnerabilities /

Combating Misinformation and Cyber Threats to Secure the 2024 US Election 2024-10-15 at 16:01 By Karl Sigler As we near the 2024 election, safeguarding the integrity of our democratic process is of paramount importance. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Combating Misinformation and Cyber Threats to Secure the 2024 US Election Read More »

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign

email security, Emerging Threats, Government, Microsoft Security, Vulnerabilities /

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign 2024-10-09 at 16:02 By The need for an iron-clad email security solution is once again making headlines. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign Read More »

Protecting the US Election by Adopting Basic Cybersecurity Protocols

database security, email security, Government /

Protecting the US Election by Adopting Basic Cybersecurity Protocols 2024-10-04 at 18:31 By In a joint advisory issued on September 18, the Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) reported that Iranian actors have increased their activity attempting to influence the 2024

React to this headline:

Loading spinner

Protecting the US Election by Adopting Basic Cybersecurity Protocols Read More »

Critical Zimbra Vulnerability Exploited One Day After PoC Release

Email, email security, exploited, Vulnerabilities, Zimbra /

Critical Zimbra Vulnerability Exploited One Day After PoC Release 2024-10-02 at 13:31 By Ionut Arghire A critical-severity vulnerability in Zimbra has been exploited in the wild to deploy a web shell on vulnerable servers. The post Critical Zimbra Vulnerability Exploited One Day After PoC Release appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Critical Zimbra Vulnerability Exploited One Day After PoC Release Read More »

Trustwave Adds a Twist to Cybersecurity Awareness Month: More Security!

Compliance, email security, Managed Detection and Response, Tips & Tricks /

Trustwave Adds a Twist to Cybersecurity Awareness Month: More Security! 2024-09-30 at 16:01 By October 1 marks the start of Cybersecurity Awareness Month and traditionally Trustwave has discussed the general security concepts highlighted by the Cybersecurity and Infrastructure Security Agency (CISA), and National Cybersecurity Alliance (NCSA). However, this year Trustwave will take a slightly different approach. In the same

React to this headline:

Loading spinner

Trustwave Adds a Twist to Cybersecurity Awareness Month: More Security! Read More »

2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity

Application Security, email security, Government, Threat Intelligence /

2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity 2024-09-27 at 16:01 By Karl Sigler As the intensity of a critical election year builds, the greatest threat isn’t necessarily the security of ballot machines. Instead, it lies in misinformation, amplified by social media, biased algorithms, and the spread of fake news. During the 2020 U.S. presidential election,

React to this headline:

Loading spinner

2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity Read More »

Shedding Light on Election Deepfakes

Artificial Intelligence, email security, Government, Threat Intelligence /

Shedding Light on Election Deepfakes 2024-09-25 at 16:01 By Pauline Bolaños Contrary to popular belief, deepfakes — AI-crafted audio files, images, or videos that depict events and statements that never occurred; a portmanteau of “deep learning” and “fake” — are not all intrinsically malicious.  This article is an excerpt from SpiderLabs Blog View Original Source React to

React to this headline:

Loading spinner

Shedding Light on Election Deepfakes Read More »

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content

data breach, email security, Emerging Threats, Security Research, Threat Intelligence, Vulnerabilities /

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content 2024-09-24 at 16:01 By Mike Casayuran HTML smuggling techniques have been around for quite some time. A previous Trustwave SpiderLabs’ blog discussed its use in distributing malware by storing binaries in immutable blob data within JavaScript code that gets decoded on the client-side browser, eventually delivering

React to this headline:

Loading spinner

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content Read More »

Why Do Criminals Love Phishing-as-a-Service Platforms?

data breach, email security, Emerging Threats, Managed Detection and Response, Managed Security Services, Threat Intelligence /

Why Do Criminals Love Phishing-as-a-Service Platforms? 2024-09-23 at 13:01 By Rodel Mendrez Phishing-as-a-Service (PaaS) platforms have become the go-to tool for cybercriminals, to launch sophisticated phishing campaigns targeting the general public and businesses, especially in the financial services sector. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Why Do Criminals Love Phishing-as-a-Service Platforms? Read More »

ALPHV BlackCat Ransomware: A Technical Deep Dive and Mitigation Strategies

email security, Emerging Threats, Managed Detection and Response, Security Research, Threat Intelligence, Vulnerabilities /

ALPHV BlackCat Ransomware: A Technical Deep Dive and Mitigation Strategies 2024-09-17 at 16:01 By ALPHV, also known as BlackCat or Noberus, is a sophisticated ransomware group targeting critical infrastructure and various organizations, including being the most active group used to attack the financial services sector. This article is an excerpt from Trustwave Blog View Original

React to this headline:

Loading spinner

ALPHV BlackCat Ransomware: A Technical Deep Dive and Mitigation Strategies Read More »

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season

email security, Emerging Threats, Government, Security Research, Threat Intelligence, Vulnerabilities /

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season 2024-09-17 at 16:01 By The US election is less than 70 days away and threat actors are busy crafting malicious spam that uses candidate names and political themes as social engineering tools to convince recipients to open their emails. This article is an excerpt

React to this headline:

Loading spinner

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season Read More »

EasyDMARC Lands $20M for Email Security Authentication Tech

DMARC, EasyDMARC, email authentication, email security, Radian Capital /

EasyDMARC Lands $20M for Email Security Authentication Tech 2024-09-16 at 18:46 By Ryan Naraine EasyDMARC lands venture capital funding after finding traction in the email security and authentication business. The post EasyDMARC Lands $20M for Email Security Authentication Tech appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

EasyDMARC Lands $20M for Email Security Authentication Tech Read More »

Transforming IT Security with Microsoft Defender Suite

email security, Managed Detection and Response, Microsoft Security, SIEM/SOC /

Transforming IT Security with Microsoft Defender Suite 2024-09-16 at 16:04 By IT teams are the unsung heroes of today’s fast-paced digital world, tirelessly toiling behind the scenes to keep data safe and systems running smoothly. One tool that’s presented a major shift for many IT departments is the Microsoft Defender Suite. Let’s explore how this powerful

React to this headline:

Loading spinner

Transforming IT Security with Microsoft Defender Suite Read More »

How Phishing-as-a-Service Exposes Financial Services to Extensive Threats

data breach, email security, Reports, Security Research, Threat Intelligence, Vulnerabilities /

How Phishing-as-a-Service Exposes Financial Services to Extensive Threats 2024-09-12 at 16:01 By Phishing remains the favored and most successful method of obtaining an initial foothold in a targeted organization. So it should come as no surprise that threat actors have developed turnkey solutions that enable even low-skilled hackers to conduct successful email attacks. This article

React to this headline:

Loading spinner

How Phishing-as-a-Service Exposes Financial Services to Extensive Threats Read More »

Trustwave Data Reveals HTML Attachments, QR Codes, and BEC as Top Email Attack Vectors

Database Protection, email security, Emerging Threats, Reports, Threat Intelligence /

Trustwave Data Reveals HTML Attachments, QR Codes, and BEC as Top Email Attack Vectors 2024-08-26 at 16:01 By The Trustwave SpiderLabs team regularly collects a trove of data while protecting clients from email-based attacks. HTML attachments, malicious QR codes, and business email compromise (BEC) are the favored attack methods. This article is an excerpt from Trustwave Blog

React to this headline:

Loading spinner

Trustwave Data Reveals HTML Attachments, QR Codes, and BEC as Top Email Attack Vectors Read More »

The Power of Multifactor Authentication and a Strong Security Culture

Database Protection, DFIR, email security, Perspectives, Vulnerabilities /

The Power of Multifactor Authentication and a Strong Security Culture 2024-08-22 at 16:01 By The business mantra “employees are our number one asset” is true for many reasons. Including helping protect an organization from cyber threats. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

The Power of Multifactor Authentication and a Strong Security Culture Read More »

Unlocking the Front Door: Phishing Emails Remain a Top Cyber Threat Despite MFA

Email, email security, phishing, Threat Intelligence /

Unlocking the Front Door: Phishing Emails Remain a Top Cyber Threat Despite MFA 2024-08-14 at 18:16 By Kevin Townsend SecurityWeek spoke with Mike Britton, CISO at Abnormal Security, to understand what the company has learned about current social engineering and phishing attacks. The post Unlocking the Front Door: Phishing Emails Remain a Top Cyber Threat

React to this headline:

Loading spinner

Unlocking the Front Door: Phishing Emails Remain a Top Cyber Threat Despite MFA Read More »

Microsoft 365 anti-phishing alert “erased” with one simple trick

Certitude, Don't miss, email security, Microsoft 365, News, Outlook, phishing /

Microsoft 365 anti-phishing alert “erased” with one simple trick 2024-08-08 at 16:01 By Zeljka Zorz Attackers looking for a way into organizations using Microsoft 365 can make an alert identifying unsolicited (and thus potential phishing) emails “disappear”. “When an Outlook user receives an e-mail from an address they don’t typically communicate with, Outlook shows an

React to this headline:

Loading spinner

Microsoft 365 anti-phishing alert “erased” with one simple trick Read More »

Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)

CVE, Don't miss, email security, Hot stuff, News, Roundcube, security update, SonarSource, vulnerability /

Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008) 2024-08-07 at 12:01 By Zeljka Zorz Two cross-site scripting vulnerabilities (CVE-2024-42009, CVE-2024-42008) affecting Roundcube could be exploited by attackers to steal users’ emails and contacts, email password, and send emails from their account. About the vulnerabilities Roundcube is an open-source webmail software solution popular with European

React to this headline:

Loading spinner

Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008) Read More »

Scroll to Top