email Archives - Securezoo

Microsoft uncovers NOBELIUM ‘sophisticated email-based attack’

Cybersecurity Attacks, Malware, Messaging Security, Phishing / By Frank Crast / May 28, 2021 / Constant Contact, email, GoldMax, Microsoft, MSTIC, phishing, SolarWinds, Sunburst, Teardrop

The Microsoft Threat Intelligence Center (MSTIC) has uncovered a “sophisticated email-based attack” operated by NOBELIUM, as part of a wide-scale malicious email campaign.

SonicWall Email Security zero-day vulnerabilities

Messaging Security, Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / April 25, 2021 / CVE-2021-20021, CVE-2021-20022, CVE-2021-20023, email, HES, Messaging, SonicWall

SonicWall has released urgent patches for Critical Email Security product zero-day vulnerabilities CVE-2021-20021, CVE-2021-20022 and CVE-2021-20023.

Microsoft takes down malicious domains used in COVID-19 related phishing campaign

Cybercrime, Cybersecurity Attacks, Messaging Security, Phishing / By Frank Crast / July 8, 2020 / COVID-19, DCU, email, Messaging, Microsoft, phishing

Microsoft has disrupted a major cybercriminal operation designed to take advantage of the COVID-19 pandemic and defraud victims in 62 countries around the world.

Hackers exploiting Exim vulnerabilities

Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 13, 2019 / CVE-2019-15846, CVE-2019-16928, EHLO, email, Exim, Vulnerabilities

Hackers have been recently targeting at least two vulnerabilities on unpatched Exim email systems. Exim has already released two updates in September that fixes each of the flaws.

Phosphorus threat group targets email accounts

Cybersecurity Attacks, Messaging Security / By Frank Crast / October 8, 2019 / email, Microsoft, MSTIC, Office 365, Phosphorus

Microsoft has warned a cyber threat group dubbed Phosphorus has recently targeted email accounts belonging to Microsoft customers.

Samba fixes two security vulnerabilities

Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / April 8, 2019 / CVE-2019-3870, CVE-2019-3880, email, Samba

Samba has released fixes for two security vulnerabilities that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.

NIST SP 800-177 Revision 1: “Trustworthy Email”

Cryptography, Cybersecurity Articles, Messaging Security, Standards & Guidelines / By Frank Crast / February 26, 2019 / 800-177, authentication, DKIM, DMARC, email, encryption, Messaging, NIST, SPF, TLS

The National Institute of Standards and Technology (NIST) has releases its Security Publication (SP) 800-177 Revision 1, that include security guidelines and recommendations for achieving “trustworthy email”.

Emotet malware threat re-emerges with new features

Malware, Messaging Security, Phishing / By Frank Crast / January 19, 2019 / Cisco, Cybercrime, email, Emotet, malware, Proxy, Ransomware, SORBS, SpamCop, Spamhaus, Talos

The infamous banking trojan Emotet is re-emerging via new cyber campaigns after a low period of activity over the recent Christmas holidays. Emotet is one of the most widely developed and distributed malware families used by cyber criminals.

Nearly 800M email records exposed in massive data breach

Cloud Security, Data Breach, Password Management / By Frank Crast / January 17, 2019 / Cloud, Collection 1, Database, email, MEGA, passwords, Troy Hunt

A massive data breach dubbed “Collection #1” exposed nearly 800 million email addresses and millions of passwords. Security expert Troy Hunt was alerted of the leaked data made available for free download from popular MEGA cloud storage service. The data consisted of over 12,000 separate files and more than 87GB of data.

Cisco patches critical email security appliance vulnerability

Leave a Comment / Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 10, 2019 / Cisco, CVE-2018-15453, CVE-2018-15460, email, ESA, Security

Cisco released two security updates that fix vulnerabilities in its email security appliance (ESA) software.