Duncan Riley@SiliconANGLE - 75d
A new report from Cofense has revealed a rise in sophisticated phishing attacks that are now impersonating trusted email security providers like Proofpoint, Mimecast, and Virtru. These attacks utilize fake email attachments, phishing links, and credential-harvesting tactics designed to trick users into divulging sensitive information. By closely mimicking the branding and communications of these well-known security companies, threat actors are able to increase the likelihood that recipients will trust the emails and engage with malicious content.
The report details examples of attackers crafting highly convincing spoofed emails, including ones that appear to be from Proofpoint, Mimecast and Virtru. These emails often include embedded links or attachments designed to redirect users to fake login pages where their credentials can be stolen. Subtle clues, such as mismatched sender domains and the use of free email services, may exist, but the emails often appear legitimate. To combat these threats, organizations are urged to implement multifactor authentication, provide employee training on phishing recognition, and utilize advanced threat detection systems.
@ciso2ciso.com - 22d
Cybercriminals are increasingly leveraging Scalable Vector Graphics (SVG) files in phishing attacks to circumvent traditional email security measures. Sophos researchers have uncovered this rising threat, noting that attackers use SVG files to distribute malicious links leading to credential theft. These SVG files, commonly used for vector-based images, can contain hyperlinks and scripts within their text-based XML instructions, enabling attackers to embed malicious content directly within the graphics file.
Attackers often employ social engineering tactics in phishing emails, impersonating well-known brands like DocuSign, Microsoft SharePoint, Dropbox, and Google Voice to trick recipients into opening the malicious SVG attachments. When a user clicks the embedded link, they are redirected to a credential-harvesting site disguised as a legitimate login portal. Sophos has observed increasingly sophisticated SVG phishing attacks, including the use of Cloudflare CAPTCHA gates, credential pre-filling, live phishing templates, and JavaScript auto-redirects to further evade detection.
@go.theregister.com - 33d
The US Government's Office of Personnel Management (OPM) is facing a lawsuit over the hasty implementation of a new federal email system. Two anonymous employees have filed a complaint in a Washington DC district court, alleging that the rapid rollout, spearheaded by the Trump administration, violated the E-Government Act of 2002. The complaint claims that the OPM established a single email address, HR@opm.gov, intended for direct communication with all civilian federal employees, bypassing the usual procedures where OPM works with agencies and departments. This centralized system has raised concerns, with some speculating its primary use might be to facilitate mass firings.
At the center of the controversy is a lone, on-premises server allegedly set up quickly on the OPM network to handle the central email inbox. Crucially, a privacy impact assessment, mandated by law, was not completed or published before deployment. This assessment is meant to ensure that any staff data on the machine is protected. The lawsuit claims this oversight was intentional and willful, drawing parallels to a significant 2014 cyberattack in which 20 million records were stolen from OPM. The agency's handling of this new system, especially given its history, has raised eyebrows and fueled fears of another potential cyber disaster.