Archive for the ‘Email Security’ Category

ProtonVPN launches extensions for Chrome and Firefox browsers

You can now connect to ProtonVPN with just one tap of a button. Proton VPN has launched its new browser extension for Chrome and Firefox, fulfilling one of the most sought-after features requested by its user community. This new extension provides users with a more flexible way to protect their online privacy and bypass censorship. The Proton […]

Leave a Comment

Hackers Exploit ProxyShell Flaws to Deploy ProxyShellMiner on Exchange Server

ProxyShellMiner is being distributed to Windows endpoints by a very elusive malware operation, according to Morphisec. To generate income for the attackers, “ProxyShellMiner” deploys cryptocurrency miners throughout a Windows domain using the Microsoft Exchange ProxyShell vulnerabilities. ProxyShellMiner exploits a company’s Windows Exchange servers using the ProxyShell vulnerabilities CVE-2021-34473 and CVE-2021-34523 to get initial access and distribute crypto miners. “After successfully breaching an Exchange […]

Leave a Comment

HACKERS GAINED ACCESS TO O365 EMAIL ACCOUNTS BY USING OAUTH APPLICATIONS “CERTIFIED” BY MICROSOFT

Becoming verified on well-known platforms such as Instagram, Twitter, or the Apple AppStore has become the standard for determining one’s standing in the current online social scene. As users, we trust verified accounts more than those that aren’t. In the business sector, the situation is exactly the same with third-party OAuth app publishers who have […]

Leave a Comment

Everyone Wants Your Email Address. Think Twice Before Sharing It

Your email address has become a digital bread crumb for companies to link your activity across sites. Here’s how you can limit this. When you browse the web, an increasing number of sites and apps are asking for a piece of basic information that you probably hand over without hesitation: your email address. It may […]

Leave a Comment

Why encrypting emails isn’t as simple as it sounds

Why organizations need encryption Encrypting an email message ensures that unauthorized parties cannot read it. For any party without proper authorization, the message will appear indecipherable. For organizations, message confidentiality is crucial to stop potentially sensitive information from reaching prying eyes. Also, they should be able to confirm the integrity of the message and the […]

Leave a Comment

Google’s New End-To-End Encryption for Gmail on the Web

On Friday, Google released a beta version of Client-side encryption (CSE) for Gmail. This newest service is only useful to organisations that can produce their own decryption keys because CSE is designed for organisational use. Google has now made “end-to-end encryption” available for Gmail on the web, following Meta’s 2016 offer to use it for WhatsApp. […]

Leave a Comment

Phishing Scams: How To Recognize A Scam Email, VOIP call, or Text

A phishing scam is not only about stealing your login credentials, but it can also install malware, including ransomware, which is why it is essential to learn how to tackle this growing threat. The number of phishing scams reported in the first quarter of 2022 set a new record of over one million total attacks, according to […]

Leave a Comment

Microsoft is blocking Tutanota email addresses from registering a MS Teams account

Microsoft is actively blocking Tutanota email addresses from registering a Microsoft Teams account. Tutanota is an end-to-end encrypted email app and a freemium secure email service, as of March 2017, Tutanota’s owners claimed to have over 2 million users. The news is that Microsoft is actively blocking Tutanota email addresses from registering a Microsoft Teams […]

Leave a Comment

Secure email that protects your privacy

Keep your conversations private. Proton Mail is an encrypted email service based in Switzerland. Proton Mail protects your communication and has everything you need to easily manage your inbox – Proton email top priority is keeping your data safe. Create a free account #protonemail DISC InfoSec #InfoSecTools and #InfoSectraining #InfoSecLatestTitles #InfoSecServices

Leave a Comment

Attackers compromise Microsoft Exchange servers to hijack internal email chains

A malware campaign aimed at Microsoft Exchange servers exploits ProxyShell and ProxyLogon issues and uses stolen internal reply-chain emails to avoid detection. The campaign was uncovered by TrendMicro researchers that detailed the technique used to trick victims opening the malicious email used as the attack vector. The attacks were orchestrated by Squirrelwaffle, a threat actor known for sending malicious spam […]

Leave a Comment

ProtonMail Now Keeps IP Logs

ProtonMail Amends Its Policy After Giving Up an Activist’s Data ProtonMail Forced to Log IP Address of French Activist

Leave a Comment

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Here’s the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online. The data in this story come from a trusted source in the security industry who has visibility into […]

Leave a Comment

Expert released PoC exploit for Microsoft Exchange flaw

A security expert released technical details and proof-of-concept exploit (PoC) code for the high-severity vulnerability CVE-2021-28482 in Microsoft Exchange that could be exploited by remote attackers to execute arbitrary code on vulnerable systems. April 2021 Microsoft Patch Tuesday security updates addressed four critical and high severity vulnerabilities in Exchange Server (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483), some of these flaws were reported […]

Leave a Comment

Giving Out Your E-mail Increases Your Chances Of Getting Hacked

Does it seem as if nearly every time you install an app, it wants you to register with your email or phone number? To add to that, these apps usually want loads of other sensitive information that they don’t need. This is because of desperate data collection attempts, as your personal information is like gold […]

Leave a Comment

NSA Discloses Vulnerabilities in Microsoft Exchange

NSA helps out Microsoft with critical Exchange Server vulnerability disclosures in an April shower of patches 100+ fixes for the Windows world – plus holes in SAP, Adobe, FreeBSD, etc “This month’s release includes a number of critical vulnerabilities that we recommend you prioritize, including updates to protect against new vulnerabilities in on-premise Exchange Servers,” […]

Leave a Comment

CISA Orders Action Against Exchange Vulnerabilities

“CISA has determined that this exploitation of Microsoft Exchange on-premises products poses an unacceptable risk to Federal Civilian Executive Branch agencies and requires emergency action,” the agency said in supplementary guidance to the earlier CISA Emergency Directive (ED) 21-02. “This determination is based on the current exploitation of these vulnerabilities in the wild, the likelihood of the vulnerabilities […]

Leave a Comment

Microsoft says China-backed hackers are exploiting Exchange zero-days

Leave a Comment

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

A security researcher has released a new proof-of-concept exploit that could be adapted to install web shells on Microsoft Exchange servers vulnerable ProxyLogon issues. Since the disclosure of the flaw, security experts observed a surge in the attacks against Microsoft Exchange mailservers worldwide. Check Point Research team reported that that in a time span of 24 hours the exploitation attempts are […]

Leave a Comment

Developing a Strong Security Posture in the Era of Remote Work

Leave a Comment

Exchange Servers targeted via zero-day exploits, have yours been hit?

Microsoft has released out-of-band security updates for seven bugs affecting Microsoft Exchange Servers, four of which are zero-day vulnerabilities being exploited by attackers in the wild to plunder on-premises machines. Source: The zero-day bugs affecting Exchange Servers

Leave a Comment