European discount retailer Pepco has lost €15.5 million as a result of what it described as a phishing attack.
The post Discount Retail Giant Pepco Loses €15 Million to Cybercriminals appeared first on SecurityWeek.
Domains Once Owned by Major Firms Help Millions of Spam Emails Bypass Security
8,800 domains, many once owned by major companies, have been abused to get millions of emails past spam filters as part of SubdoMailing campaign.
The post Domains Once Owned by Major Firms Help Millions of Spam Emails Bypass Security appeared first on SecurityWeek.
CISA Warns of Roundcube Webmail Vulnerability Exploitation
CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog.
The post CISA Warns of Roundcube Webmail Vulnerability Exploitation appeared first on SecurityWeek.
HPE Says Russian Government Hackers Had Access to Emails for 6 Months
HPE told the SEC that Russian state-sponsored threat group Midnight Blizzard had access to an email system for several months.
The post HPE Says Russian Government Hackers Had Access to Emails for 6 Months appeared first on SecurityWeek.
Mimecast Acquires User Education Startup Elevate Security
Elevate Security raised $18.3 million in venture capital financing and scored investments from the likes of Cisco and CrowdStrike.
The post Mimecast Acquires User Education Startup Elevate Security appeared first on SecurityWeek.
Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day
Chinese hackers exploited a zero-day tracked as CVE-2023-7102 to deliver malware to Barracuda Email Security Gateway (ESG) appliances.
The post Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day appeared first on SecurityWeek.
SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols
A new attack technique named SMTP Smuggling can allow malicious actors to send out spoofed emails that bypass authentication mechanisms.
The post SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols appeared first on SecurityWeek.
CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation
The US cybersecurity agency calls attention to a Russian APT targeting academia, defense, governmental organizations, NGOs and think-tanks.
The post CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation appeared first on SecurityWeek.
Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection
Google shows how RETVec, a new and open source text vectorizer, can improve the detection of phishing attacks, spam and other harmful content.
The post Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection appeared first on SecurityWeek.
Google Will Start Deleting ‘Inactive’ Accounts in December. Here’s What You Need to Know
The easiest way to keep your Google account active (and thus prevent it from being deleted) is to sign in at least once every two years.
The post Google Will Start Deleting ‘Inactive’ Accounts in December. Here’s What You Need to Know appeared first on SecurityWeek.
