email security

CISA Warns of Roundcube Webmail Vulnerability Exploitation

CISA, CISA KEV, email security, exploited, Roundcube, Vulnerabilities /

CISA Warns of Roundcube Webmail Vulnerability Exploitation 2024-02-13 at 13:31 By Eduard Kovacs CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog. The post CISA Warns of Roundcube Webmail Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to […]

React to this headline:

Loading spinner

CISA Warns of Roundcube Webmail Vulnerability Exploitation Read More »

Protecting against AI-enhanced email threats

Artificial Intelligence, Don't miss, email security, Hot stuff, LLMs, News, phishing, strategy, threats /

Protecting against AI-enhanced email threats 2024-02-13 at 07:31 By Helga Labus Generative AI based on large language models (LLMs) has become a valuable tool for individuals and businesses, but also cybercriminals. Its ability to process large amounts of data and quickly generate results has contributed to its widespread adoption. AI in the hands of cybercriminals

React to this headline:

Loading spinner

Protecting against AI-enhanced email threats Read More »

HPE Says Russian Government Hackers Had Access to Emails for 6 Months

APT29, Email, email security, Featured, HPE, Nation-State, Russia /

HPE Says Russian Government Hackers Had Access to Emails for 6 Months 2024-01-25 at 12:16 By Eduard Kovacs HPE told the SEC that Russian state-sponsored threat group Midnight Blizzard had access to an email system for several months. The post HPE Says Russian Government Hackers Had Access to Emails for 6 Months appeared first on

React to this headline:

Loading spinner

HPE Says Russian Government Hackers Had Access to Emails for 6 Months Read More »

Organizations need to switch gears in their approach to email security

cybersecurity, Egress, Email, email security, News, phishing, report, survey /

Organizations need to switch gears in their approach to email security 2024-01-23 at 06:02 By Help Net Security Email security risks remain high with 94% of organizations experiencing incidents in the past 12 months, according to Egress. Inbound email incidents primarily took the form of malicious URLs, attacks sent from a compromised account, and malware

React to this headline:

Loading spinner

Organizations need to switch gears in their approach to email security Read More »

Flipping the BEC funnel: Phishing in the age of GenAI

Artificial Intelligence, BEC scams, CISO, cybersecurity, Don't miss, email security, Expert analysis, Expert corner, generative AI, Hot stuff, Ironscales, News, opinion, phishing, SOC /

Flipping the BEC funnel: Phishing in the age of GenAI 2024-01-15 at 08:02 By Help Net Security For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the

React to this headline:

Loading spinner

Flipping the BEC funnel: Phishing in the age of GenAI Read More »

Social engineer reveals effective tricks for real-world intrusions

cybersecurity, Don't miss, email security, Features, Hot stuff, human, human error, network, News, opinion, phishing, Secure Yeti, social engineering, social media, threat /

Social engineer reveals effective tricks for real-world intrusions 2024-01-08 at 08:31 By Mirko Zorz In this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods for gathering target information. Street explores the overlooked threat of physical security and the human tendency to

React to this headline:

Loading spinner

Social engineer reveals effective tricks for real-world intrusions Read More »

Uncovering the hidden dangers of email-based attacks

Abnormal Security, cybersecurity, Email, email security, Inky, SafeGuard Cyber, Video /

Uncovering the hidden dangers of email-based attacks 2024-01-08 at 06:01 By Help Net Security Email-based attacks have evolved beyond traditional spam and phishing attempts. Cybercriminals now employ sophisticated tactics such as spear-phishing, whaling, and business email compromise (BEC), posing a significant threat to businesses of all sizes. Email attacks can result in financial losses, reputational

React to this headline:

Loading spinner

Uncovering the hidden dangers of email-based attacks Read More »

Mimecast Acquires User Education Startup Elevate Security 

awareness training, Elevate Security, email security, Funding/M&A, Mimecast, user education /

Mimecast Acquires User Education Startup Elevate Security  2024-01-04 at 20:17 By Ryan Naraine Elevate Security raised $18.3 million in venture capital financing and scored investments from the likes of Cisco and CrowdStrike. The post Mimecast Acquires User Education Startup Elevate Security  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Mimecast Acquires User Education Startup Elevate Security  Read More »

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day

Barracuda, email security, Featured, Malware & Threats, Zero-Day /

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day 2023-12-27 at 13:16 By Eduard Kovacs Chinese hackers exploited a zero-day tracked as CVE-2023-7102 to deliver malware to Barracuda Email Security Gateway (ESG) appliances. The post Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day Read More »

SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols

Email, email authentication, email security, SMTP, spoofing /

SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols 18/12/2023 at 17:16 By Eduard Kovacs A new attack technique named SMTP Smuggling can allow malicious actors to send out spoofed emails that bypass authentication mechanisms. The post SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols Read More »

CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation

CISA, Cyberwarfare, email security, Microsoft, Nation-State, Russia, Star Blizzard, Threat Intelligence /

CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation 08/12/2023 at 00:48 By Ryan Naraine The US cybersecurity agency calls attention to a Russian APT targeting academia, defense, governmental organizations, NGOs and think-tanks. The post CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation Read More »

Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection

email security /

Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection 30/11/2023 at 14:16 By Eduard Kovacs Google shows how RETVec, a new and open source text vectorizer, can improve the detection of phishing attacks, spam and other harmful content. The post Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection appeared first on SecurityWeek.

React to this headline:

Loading spinner

Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection Read More »

Google Will Start Deleting ‘Inactive’ Accounts in December. Here’s What You Need to Know

Data Protection, email security, Google /

Google Will Start Deleting ‘Inactive’ Accounts in December. Here’s What You Need to Know 29/11/2023 at 15:02 By Associated Press The easiest way to keep your Google account active (and thus prevent it from being deleted) is to sign in at least once every two years. The post Google Will Start Deleting ‘Inactive’ Accounts in

React to this headline:

Loading spinner

Google Will Start Deleting ‘Inactive’ Accounts in December. Here’s What You Need to Know Read More »

Zimbra Zero-Day Exploited to Hack Government Emails

email security, exploited, Featured, Government, Malware & Threats, Zimbra /

Zimbra Zero-Day Exploited to Hack Government Emails 16/11/2023 at 19:46 By Eduard Kovacs Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails. The post Zimbra Zero-Day Exploited to Hack Government Emails appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Zimbra Zero-Day Exploited to Hack Government Emails Read More »

How cybercriminals adapt and thrive amidst changing consumer trends

cybercriminals, cybersecurity, Don't miss, email security, Hot stuff, threat, Video, VIPRE Security /

How cybercriminals adapt and thrive amidst changing consumer trends 03/11/2023 at 08:36 By Help Net Security The email threat landscape is experiencing a profound transformation, adapting to new challenges and exploiting emerging vulnerabilities with speed and sophistication. In this Help Net Security video, Usman Choudhary, CPTO at VIPRE Security Group, discusses how cybercriminals modify their

React to this headline:

Loading spinner

How cybercriminals adapt and thrive amidst changing consumer trends Read More »

Proofpoint to Acquire Tessian for AI-Powered Email Security Tech

Armorblox, cloud security, Compliance, email security, Funding/M&A, M&A Tracker, M365, Material Security, Proofpoint, Tessian /

Proofpoint to Acquire Tessian for AI-Powered Email Security Tech 30/10/2023 at 18:46 By Ryan Naraine Proofpoint removes a formidable competitor from the crowded email security market and adds technology to address risk from misdirected emails. The post Proofpoint to Acquire Tessian for AI-Powered Email Security Tech appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Proofpoint to Acquire Tessian for AI-Powered Email Security Tech Read More »

Security leaders have good reasons to fear AI-generated attacks

Abnormal Security, Artificial Intelligence, cybersecurity, Email, email security, generative AI, Industry news, report, survey /

Security leaders have good reasons to fear AI-generated attacks 25/10/2023 at 06:33 By Help Net Security Generative AI is likely behind the increases in both the volume and sophistication of email attacks that organizations have experienced in the past few months, and it’s still early days, according to Abnormal Security. Their leading worry is the

React to this headline:

Loading spinner

Security leaders have good reasons to fear AI-generated attacks Read More »

LinkedIn Smart Links Abused in Phishing Campaign Targeting Microsoft Accounts

email security, phishing /

LinkedIn Smart Links Abused in Phishing Campaign Targeting Microsoft Accounts 12/10/2023 at 16:31 By Ionut Arghire A recently observed phishing campaign targeting Microsoft accounts is using LinkedIn smart links to bypass defenses. The post LinkedIn Smart Links Abused in Phishing Campaign Targeting Microsoft Accounts appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

LinkedIn Smart Links Abused in Phishing Campaign Targeting Microsoft Accounts Read More »

Google, Yahoo Boosting Email Spam Protections

Email, email security, Google, spam, Yahoo /

Google, Yahoo Boosting Email Spam Protections 04/10/2023 at 16:16 By Ionut Arghire Google and Yahoo are introducing new requirements for bulk senders, to improve phishing and spam protections. The post Google, Yahoo Boosting Email Spam Protections appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Google, Yahoo Boosting Email Spam Protections Read More »

Critical zero-days in Exim revealed, only 3 have been fixed

0-day, Don't miss, email security, Exim, Hot stuff, Linux, News, security update, Trend Micro, vulnerability disclosure, WatchTowr /

Critical zero-days in Exim revealed, only 3 have been fixed 02/10/2023 at 17:03 By Zeljka Zorz Six zero-days in Exim, the most widely used mail transfer agent (MTA), have been revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday. Due to what seems to be insufficient information and poor communication, fixes for only three

React to this headline:

Loading spinner

Critical zero-days in Exim revealed, only 3 have been fixed Read More »

Scroll to Top