#EmailFiltering

Proofpoint phishing palaver plagues millions with ‘perfectly spoofed’ emails from IBM, Nike, Disney, others

by

July 30, 2024 at 02:35AM A large-scale phishing campaign exploited a security vulnerability in Proofpoint’s email filtering to send three million fake emails daily, appearing to be from major companies. The spammers manipulated Proofpoint’s system to send malicious emails, tricking recipients into revealing sensitive information. Guardio Security notified Proofpoint and assisted in mitigating the attack, … Read more

Botnet sent millions of emails with LockBit Black ransomware payloads

by

May 13, 2024 at 03:14PM A new large-scale LockBit Black ransomware campaign has been sending millions of phishing emails through the Phorpiex botnet since April. The attackers use ZIP attachments containing an executable that deploys the LockBit Black payload, encrypting the recipients’ systems if launched. The emails are being sent from over 1,500 unique IP … Read more

FIN7 targets American automaker’s IT staff in phishing attacks

by

April 17, 2024 at 04:44PM FIN7 targeted a U.S. car maker with spear-phishing emails to infect IT systems with the Anunak backdoor. The attack involved living-off-the-land binaries, scripts, and libraries and relied on a malicious URL impersonating legitimate software. The attack did not spread beyond the initial infected system. BlackBerry recommends defenses including MFA, training, … Read more

Cloud Email Filtering Bypass Attack Works 80% of the Time

by

March 29, 2024 at 03:38PM Many businesses using cloud-based email spam filtering services are at risk due to frequent misconfigurations, posing potential security vulnerabilities. Based on the meeting notes, it seems that there is a concern about the potential risk for enterprises using cloud-based email spam filtering services due to misconfigurations. It might be important … Read more

Need to Know: Key Takeaways from the Latest Phishing Attacks

by

February 28, 2024 at 10:08AM The article discusses the rising threat of phishing attacks, including recent high-profile incidents and actionable tips to mitigate risks. It emphasizes the importance of employee training, advanced email filtering, and multi-factor authentication to bolster defense. Additionally, it advocates for security automation to streamline incident response and proactively address potential threats. … Read more