Tag: spam
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 35
by
in SecurityNewsSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. DragonForce Ransomware Group is Targeting Saudi Arabia Massive Botnet Targets M365 with Stealthy Password Spraying Attacks Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2 #StopRansomware: Ghost (Cring) Ransomware…
-
Phishing-Alarm: ADAC, DocuSign, Angriffe auf Paypal und Microsoft 365-Konten
by
in SecurityNewsDie Tage sind mir wieder eine Reihe Phishing-Mails oder Meldungen zu Phishing untergekommen. So wird mein Postfach von DocuSign-Phishing-Mails von Amazons E-Mail-Dienst geflutet, weil 1&1 das im SPAM-Filter nicht erkennt. Auch eine ADAC-SPAM-Nachricht kam durch. Weiterhin sollten Paypal- und Microsoft … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/01/phishing-alarm-amazon-docusign-paypal-und-co/
-
Over 350 High-Profile Websites Hit by 360XSS Attack
by
in SecurityNews360XSS campaign exploits Krpano XSS to hijack search results & distribute spam ads on 350+ sites, including government,… First seen on hackread.com Jump to article: hackread.com/over-350-high-profile-websites-hit-by-360xss-attack/
-
Hackers Evade Outlook Spam Filters to Deliver Malicious ISO Files
A newly discovered technique allows threat actors to circumvent Microsoft Outlook’s spam filters to deliver malicious ISO files, exposing organizations to sophisticated phishing campaigns. The bypass leverages hyperlink obfuscation to disguise malicious links as benign URLs, enabling attackers to distribute malware-laden disk image files directly to victims’ inboxes. As per a report by Afine, Security…
-
DOGE’s HR email is getting the ‘Bee Movie’ spam treatment
by
in SecurityNewsOver the weekend, Elon Musk surveyed his followers on X, the platform he spent $44 billion to buy, asking whether federal employees should be required to send his team an email with a list of five things they accomplished this week. With the yes votes totaling over 70%, Musk followed through. Federal employees […] First…
-
Codeberg: Spam- und DoS-Angriffe auf nichtkommerzielle Entwicklungsplattform
by
in SecurityNewsMassenhafte Spam-Nachrichten, überlaufende E-Mail-Postfächer und verstopfte Internetleitungen: Anonyme Attacken plagen die gemeinnützige Github-Alternative. First seen on heise.de Jump to article: www.heise.de/news/Codeberg-Spam-und-DoS-Angriffe-auf-nichtkommerzielle-Entwicklungsplattform-10281324.html
-
Cyberangriff auf Stadt Brandenburg (12. Feb. 2025)?
by
in SecurityNewsKurze Meldung in Sachen Cybersicherheit. Die Stadt Brandenburg ist wohl am am gestrigen Nachmittag, den 12. Februar 2025, das Opfer eines SPAM- oder Cyberangriffs geworden. Inzwischen schlagen SPAM-Mitteilungen mit einer angeblichen Information des Amt für Soziales und Jugend bei E-Mail-Empfängern … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/02/13/cyberangriff-auf-stadt-brandenburg-12-feb-2025/
-
Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification
by
in SecurityNewsGoogle has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content.”Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while preserving user privacy and keeping users in control of their data,” a…
-
Top 5 ways attackers use generative AI to exploit your systems
by
in SecurityNews
Tags: access, ai, attack, authentication, awareness, banking, captcha, chatgpt, china, control, cyber, cybercrime, cybersecurity, defense, detection, exploit, extortion, finance, flaw, fraud, group, hacker, intelligence, LLM, malicious, malware, network, phishing, ransomware, resilience, service, spam, tactics, theft, threat, tool, vulnerability, zero-dayFacilitating malware development: Artificial intelligence can also be used to generate more sophisticated or at least less labour-intensive malware.For example, cybercriminals are using gen AI to create malicious HTML documents. The XWorm attack, initiated by HTML smuggling, which contains malicious code that downloads and runs the malware, bears the hallmarks of development via AI.”The loader’s…
-
Sophos Uncovers Rising Threat of SVG-Based Phishing Attacks
Sophos has identified a novel phishing technique that leverages Scalable Vector Graphics (SVG) files to bypass anti-spam and First seen on securityonline.info Jump to article: securityonline.info/sophos-uncovers-rising-threat-of-svg-based-phishing-attacks/
-
Hackers Use Hidden Text Salting to Bypass Spam Filters and Evade Detection
by
in SecurityNewsIn the latter half of 2024, Cisco Talos identified a significant increase in email threats leveraging >>hidden text salting,
-
MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks
by
in SecurityNewsThreat hunters have detailed an ongoing campaign that leverages a malware loader called MintsLoader to distribute secondary payloads such as the StealC information stealer and a legitimate open-source network computing platform called BOINC.”MintsLoader is a PowerShell based malware loader that has been seen delivered via spam emails with a link to Kongtuke/ClickFix pages or a…
-
10 top XDR tools and how to evaluate them
by
in SecurityNews
Tags: ai, attack, automation, business, cloud, computing, container, corporate, credentials, data, defense, detection, edr, email, encryption, endpoint, finance, firewall, google, guide, Hardware, iam, ibm, identity, incident response, infrastructure, intelligence, malicious, malware, marketplace, microsoft, mitigation, network, office, okta, open-source, organized, risk, security-incident, service, siem, skills, soar, software, spam, technology, threat, tool, training, vulnerability, zero-dayLittle in the modern IT world lends itself to manual or siloed management, and this is doubly true in the security realm. The scale of modern enterprise computing and modern application stack architecture requires security tools that can bring visibility into the security posture of modern IT components and integrate tightly to bring real-time threat…
-
Beko Technologies bestätigt Ransomware-Angriff
by
in SecurityNewssrcset=”https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2491655697.jpg?quality=50&strip=all 7360w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2491655697.jpg?resize=300%2C168&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2491655697.jpg?resize=768%2C432&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2491655697.jpg?resize=1024%2C576&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2491655697.jpg?resize=1536%2C864&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2491655697.jpg?resize=2048%2C1152&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2491655697.jpg?resize=1240%2C697&quality=50&strip=all 1240w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2491655697.jpg?resize=150%2C84&quality=50&strip=all 150w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2491655697.jpg?resize=854%2C480&quality=50&strip=all 854w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2491655697.jpg?resize=640%2C360&quality=50&strip=all 640w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2491655697.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”576″ sizes=”(max-width: 1024px) 100vw, 1024px”>Die Ransomware-Bande Black Basta hat gestohlene Daten von Beko Technologies im Darknet veröffentlicht. PeopleImages.com Yuri A Shutterstock.comBeko Technologies wurde im Dezember 2024 von Cyberkriminellen erpresst. Die Ransomware-Gruppe Black…
-
Microsoft Teams im Visier: Cyberkriminelle nutzen EBombing und Vishing für Angriffe
by
in SecurityNewsNach dem Versand der Spam-Nachrichten geben sich die Angreifer als IT-Support des Unternehmens aus und kontaktieren Mitarbeitende per Sprach- oder Videoanruf über Teams. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/microsoft-teams-im-visier-cyberkriminelle-nutzen-e-mail-bombing-und-vishing-fuer-angriffe/a39522/
-
13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
by
in SecurityNewsA global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices.The activity “take[s] advantage of misconfigured DNS records to pass email protection techniques,” Infoblox security researcher David Brunsdon said in a technical report…
-
Paypal-Phishing: Angebliche monatliche Finanzberichte ködern Opfer
by
in SecurityNewsDerzeit schaffen es Phishing-Mails an Spam-Filtern vorbeizukommen, die einen monatlichen Finanzbericht für Paypal versprechen. First seen on heise.de Jump to article: www.heise.de/news/Paypal-Phishing-Angebliche-monatliche-Finanzberichte-koedern-Opfer-10237101.html
-
Muddling Meerkat Linked to Domain Spoofing in Global Spam Scams
by
in SecurityNewsInfoblox cybersecurity researchers investigating the mysterious activities of ‘Muddling Meerkat’ unexpectedly uncovered widespread use of domain spoofing in malicious spam campaigns. First seen on hackread.com Jump to article: hackread.com/muddling-meerkat-domain-spoofing-spam-scams/
-
Muddling Malspam: Unveiling the Use of Spoofed Domains in Malicious Spam Campaigns
by
in SecurityNewsA recent report by Infoblox Threat Intel uncovers the extensive and intricate use of spoofed domains in modern First seen on securityonline.info Jump to article: securityonline.info/muddling-malspam-unveiling-the-use-of-spoofed-domains-in-malicious-spam-campaigns/
-
Spam-Schutz umgangen: 512-Bit-RSA-Key mit 8 US-Dollar in der Cloud geknackt
by
in SecurityNewsDerart kurze RSA-Schlüssel gelten seit Jahrzehnten als unsicher. Ein Forscherteam hat nun demonstriert, wie schnell sie sich heute knacken lassen. First seen on golem.de Jump to article: www.golem.de/news/spam-schutz-umgangen-512-bit-rsa-key-mit-8-us-dollar-in-der-cloud-geknackt-2501-192264.html
-
Protect 3 Devices With This Maximum Security Software
by
in SecurityNewsTrend Micro guards desktop and mobile devices from ransomware, phishing schemes, spam, and more for one year. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/trend-micro-maximum-security/
-
Webbrowser: Neuer Spam-Schutz auf KI-Basis in Chrome und Edge gesichtet
by
in SecurityNewsUm Nutzer vor betrügerischen Websites zu warnen, haben Chrome und Edge neuerdings einen KI-Schutz an Bord. Noch ist das Feature aber nicht standardmäßig aktiv. First seen on heise.de Jump to article: www.heise.de/news/Webbrowser-Chrome-und-Edge-sollen-mittels-KI-vor-Spam-Seiten-warnen-10219171.html
-
Webbrowser: Chrome und Edge sollen mittels KI vor Spam-Seiten warnen
by
in SecurityNewsUm Nutzer vor betrügerischen Websites zu warnen, haben Chrome und Edge neuerdings einen KI-Schutz an Bord. Noch ist das Feature aber nicht standardmäßig aktiv. First seen on heise.de Jump to article: www.heise.de/news/Webbrowser-Chrome-und-Edge-sollen-mittels-KI-vor-Spam-Seiten-warnen-10219171.html
-
Ongoing phishing attack abuses Google Calendar to bypass spam filters
by
in SecurityNewsAn ongoing phishing scam is abusing Google Calendar invites and Google Drawings pages to steal credentials while bypassing spam filters. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ongoing-phishing-attack-abuses-google-calendar-to-bypass-spam-filters/
-
Malware trickst Sicherheitslösungen mit beschädigten Dateien (ZIP, Office) aus
by
in SecurityNewsDie Betreiber von ANY.RUN sind auf eine neue Angriffswelle bzw. SPAM-Kampagne gestoßen, die für 0-Day-Angriffe ausgenutzt werden könnte. Beschädigte ZIP-Archive oder kaputte Office-Dokumente sollen SPAM-Filter und Sicherheitslösungen austricksen, so dass entsprechende Phishing-Mails im Postfach landen. ANY.RUN-Beobachtung einer Kampagne ANY.RUN ist … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/12/beschaedigte-dateien-zip-office-tricksen-sicherheitsloesungen-aus/
-
Ich kombiniere, also bin ich.
by
in SecurityNewsModerne Attacken nutzen häufig generative KI und Automatisierung, um täuschend echte Spam- oder Phishing-E-Mails zu erzeugen. Oft reicht ein einzelner Indikator dabei nicht aus, um verdächtige Nachrichten zuverlässig zu identifizieren. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ich-kombiniere-also-bin-ich/a39193/