A threat actor got a near-continuous view into an influential finance executive’s email inbox, thanks to clever use of legitimate, native Windows tools.
Tag: Email
AI, Global Security News
Global Stock Exchange Hit by Monthslong Email Campaign
A threat actor got a near-continuous view into an influential finance executive’s email inbox, thanks to clever use of legitimate, native Windows tools.
AI, Exploits, Global Security News, Government & Policy
SideCopy group targets Afghanistan’s Ministry of Finance with Xeno RAT
The campaign commences with a spear-phishing email containing a ZIP archive with a malicious LNK file written in Pashto, designed to exploit the familiarity of the language within the Afghan government.
AI, Global Security News
Codex knowledge work expands into research, reports, and spreadsheets
Office workers in the United States lose hours each week to email triage and to searching for files spread across disconnected systems. Roughly 40 percent of US labor, about 72 million people, works primarily with information such as analysis, documents, designs, and communication. Research from the McKinsey Global Institute puts the average knowledge worker at…
AI, Global Security News
The Deliverability Problem: How New Platforms Are Solving Inbox Placement
Email still reaches more people than any other digital channel. Getting it to actually land in the inbox…
AI, Global Security News
Doppel launches AI email security to disrupt phishing campaigns
Doppel Email Security utilizes autonomous agents and its Doppel 360 Threat Graph to investigate threats within the inbox.
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, privacy, Risk Management
The 6 Best Email Security Software & Solutions in 2026 (Compared and Reviewed)
This guide is for IT leaders, security teams, and business decision-makers looking to strengthen email protection against phishing, malware, and business email compromise attacks. It covers the best email security software solutions in 2026, along with the key features, pricing considerations, and deployment factors to evaluate before choosing a platform. Key Takeaways for Email Security…
AI, Global Security News
CypherLoc scareware tricks millions into identity theft traps
The CypherLoc attack begins with a phishing email containing a malicious link or attachment.
AI, Global Security News, malware
Product showcase: F-Secure Internet Security blocks phishing sites, fake stores, and SMS scams
F-Secure Internet Security protects against viruses, ransomware, spyware, infected email attachments, and other cyber threats. It focuses on securing devices and online activity through malware protection, scam prevention, safe browsing, and banking safeguards. The platform supports Windows, macOS, Android, and iOS devices under a single subscription. After downloading the Android app from the Play Store,…
AI, Global Security News
Enhancing Cisco Secure Email Gateway: Safer Clicks and Cleaner Files
Cisco Secure Email Gateway enhancements: RBI neutralizes web-based threats via isolated browsing, CDR sanitizes malicious components from email attachments.
AI, Exploits, Global Security News, Network Security
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtual appliance. “These vulnerabilities could have been exploited to read all mail traffic or as an entry vector into the…
AI, Global Security News
Egnyte unveils Email Capture and AI features to unify fragmented data
Egnyte has announced a new set of capabilities designed to consolidate fragmented knowledge. Email Capture centralizes critical communications and attachments from siloed inboxes into the Egnyte folder structure, assisting users to make more informed data-driven decisions based on their entire knowledge base. Egnyte is also launching a set of AI-driven integrations and capabilities specifically designed…
AI, Global Security News, Risk Management
How to Reduce Phishing Exposure Before It Turns into Business Disruption
What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click? That is the gap many SOCs still struggle with: the attacks that leave teams unsure what was exposed, who else was targeted, and how far the risk has spread. Early phishing detection…
AI, Global Security News, Risk Management
The scam economy has found its AI upgrade
Scam attempts continue to reach consumers via email, text messages, social media, online advertising, and phone calls. The volume of exposure has remained stable over the past year, with more than half of consumers encountering scam attempts at least monthly, according to the F-Secure Scam Intelligence & Impacts Report 2026. Most common channels for scam…
AI, Global Security News
Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams
Scammers are hiding invisible text inside phishing emails to manipulate AI-powered email filters and increase the chances of scams reaching inboxes.
AI, Global Security News
SSL.com rotates their root certificate today, (Tue, May 5th)
I just got an email from SSL.com last night, they are rotating out their root certificate today (May 5,2026). This is normal, business as usual stuff for a CA, but certificates get used for all kinds of things, and sometimes they aren’t used like they should be, so sometimes hiccups happen. If you are using…
AI, Global Security News
Amazon SES increasingly abused in phishing to evade detection
The Amazon Simple Email Service (SES) is being increasingly abused to send convincing phishing emails that can bypass standard security filters and render reputation-based blocks ineffective. […]
AI, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Human-centric failures: Why BEC continues to work despite MFA
Business email compromise (BEC) is still thriving even in organizations that have implemented multi-factor authentication (MFA). As security professionals, we often assume that MFA is the silver bullet for email security, but real-world incidents suggest otherwise. Attackers exploit human behaviors, process gaps and operational blind spots that MFA alone cannot address. In many modern BEC…
AI, Global Security News
Microsoft to deprecate legacy TLS in Exchange Online starting July
Microsoft says it will start blocking legacy TLS connections for POP and IMAP email clients in Exchange Online starting in July 2026. […]
AI, Global Security News
Google brings instant email verification to Android, no OTP needed
Google has introduced cryptographically verified email credentials for Android through the Credential Manager API. This API aligns with the W3C Digital Credential API standard. It provides a unified way for apps to request and retrieve user credentials for authentication and authorization. “By integrating the new verified email via the Credential Manager API, you can reduce…
AI, Endpoint, Global Security News
Bitdefender extends GravityZone with continuous email threat protection
Bitdefender has launched GravityZone Extended Email Security, unifying email and endpoint protection in one platform. Built for organizations and MSPs, it uses an ICES approach to deliver continuous protection against modern email threats, including phishing, BEC, ransomware, impersonation, and insider attacks. “Email threats are growing more sophisticated and effective as total business email compromise-related payments…
AI, Global Security News, malware
Obfuscated JavaScript or Nothing, (Thu, Apr 9th)
I spotted an interesting piece of JavaScript code that was delivered via a phishing email in a RAR archive. The file was called “cbmjlzan.JS” (SHA256:a8ba9ba93b4509a86e3d7dd40fd0652c2743e32277760c5f7942b788b74c5285) and is only identified as malicious by 15 AV’s on VirusTotal[1]. The file is pretty big (10MB) and contains a copy of the AsmDB project lib[2]. The purpose is unknown.…
AI, Exploits, Global Security News, malware
Image or Malware? Read until the end and answer in comments :)
A malicious email delivered a .cmd malware that escalates privileges, bypasses antivirus, downloads payloads, sets persistence, and self-deletes. I received this email from a friend to make an analysis. First, let me express my thanks to Janô Falkowski Burkard for this amazing contribution. A little context, He received an email that was really strange and…
AI, Cybersecurity, Data Breaches, Exploits, Funding, Global Security News, malware, Network Security, Risk Management
Security awareness is not a control: Rethinking human risk in enterprise security
Organizations have been responding to phishing, business email compromise, and credential theft in essentially the same manner for over ten years. They essentially follow a playbook that involves investing in awareness training, running phishing simulations, and requiring employees to complete annual security modules. The reason behind this is simple and the reasoning behind these efforts…
AI, Global Security News
Mimecast makes enterprise email security deployable in minutes
Most organizations running Microsoft 365 rely on native email controls as their primary line of defense. According to Mimecast research, 38% of organizations depend exclusively on those native controls for collaboration security, and 64% say those controls are insufficient against the threat landscape. Ranjan Singh, Chief Product and Technology Officer at Mimecast, outlines how the…
AI, Global Security News
Microsoft fixes Outlook Classic crashes caused by Teams Meeting add-in
Microsoft has resolved a known issue that rendered the classic Outlook email client unusable for users who enabled the Microsoft Teams Meeting Add-in. […]
AI, Global Security News
assetsaas.io Deploys Check Point Email Security To Transform Email Deliverability and Improve Client Outcomes With Enhanced Email Security
By making email security and deliverability invisible yet provably effective, AssetSaas.io differentiates itself in a crowded market
AI, Data Breaches, Global Security News
FBI confirms hack of Director Patel’s personal email inbox
The Handala hackers associated with Iran have breached the personal email account of FBI Director Kash Patel and published photos and documents. […]
AI, Data Breaches, Global Security News
Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation (FBI), and leaked a cache of photos and other documents to the internet. Handala Hack Team, which carried out the breach, said on its website that Patel “will now find…
AI, Data Breaches, Europe, Global Security News, Government & Policy, malware, Risk Management
Iran-linked group Handala hacked FBI Director Kash Patel’s personal email account
Iran-linked group Handala claims it hacked FBI Director Kash Patel’s personal email, leaking files. The FBI says no government data was exposed. Iran-linked hacking group Handala claims it breached FBI Director Kash Patel’s personal Gmail account and shared alleged data, including photos and files. The FBI confirmed it is aware of the incident and has…
AI, Cybersecurity, Exploits, Global Security News, Russia
TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian state-sponsored threat group known as TA446, which is also tracked by the broader cybersecurity community…
AI, Global Security News
Paid AI Accounts Are Now a Hot Underground Commodity
AI accounts are becoming part of the cybercrime supply chain, sold like email accounts or VPS access. Flare Systems shows how underground markets bundle and resell premium AI access at scale. […]
AI, Global Security News
Darktrace Brings AI-Native Service Delivery to MSSPs with New Managed Email Security Offering
New offering empowers MSSPs to deliver AI-native email security powered by Darktrace’s Self-Learning AI Expansion of the Darktrace Defenders Partner Program gives MSSPs greater flexibility and scalability to build and grow managed security services
AI, Global Security News
Introducing Apple Business — a new all‑in‑one platform for businesses of all sizes
Apple Business combines built-in mobile device management, business email and calendar services with custom domain support, and a powerful new option to reach local customers
AI, Global Security News
Microsoft fixes bug causing Classic Outlook sync issues with Gmail
Microsoft has fixed a known issue causing Gmail and Yahoo email synchronization and connection problems for classic Outlook users. […]
AI, Global Security News
Microsoft: Enabling Teams Meeting add-in breaks Outlook Classic
Microsoft is working to address a known issue that renders the classic Outlook email client unusable for users who have enabled the Microsoft Teams Meeting Add-in. […]
AI, Global Security News
Weekly Update 495
In the beginning, it was simple. A website, a database and 150M+ email addresses to search. Time has added serverless functions (which run on servers 🤷♂️), code on the edge, new data storage constructs and a completely different mechanism for even just querying a simple email address. HIBP is a continually evolving beast, and barely…
AI, Global Security News
Microsoft investigates classic Outlook sync and connection issues
Microsoft is investigating several issues causing email synchronization and connection problems when using the classic Outlook desktop client. […]
AI, Global Security News
Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts
Phishers are targeting AWS accounts holders with fake email security alerts and redirecting them to a high-fidelity clone of the AWS Management Console sign-in page, Datadog researchers have warned. The cloned AWS phishing page (Source: Datadog Security Labs) The campaign has been running since the end of February and possibly earlier. “In one observed case,…
AI, Global Security News, Risk Management
Mimecast brings gateway-grade email security to API deployment
Mimecast has announced that its complete email security protection stack is now available through API deployment, eliminating a fundamental trade-off in the market. Standalone integrated cloud email security (ICES) solutions offered fast deployment but came at a cost: they were built primarily for targeted, sophisticated attacks and relied on native Microsoft or Google controls to…
AI, Global Security News
Backup strategies are working, and ransomware gangs are responding with data theft
Business email compromise (BEC) and funds transfer fraud combined for 58% of all cyber insurance claims filed in 2025, according to data from Coalition covering more than 100,000 policyholders across the United States, Canada, the United Kingdom, Australia, and Germany. BEC was the single most common claim type at 31%, with frequency rising 15% year…
AI, Global Security News, malware
Multi-Stage “BadPaw” Malware Campaign Targets Ukraine
Malware campaign uses Ukrainian email service for credibility, deploying “BadPaw” to execute attacks
AI, Global Security News
Microsoft: Hackers abuse OAuth error flows to spread malware
Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. […]
AI, Endpoint, Exploits, Global Security News, Risk Management
Third-Party Patching and the Business Footprint We All Share
Everyday tools like PDF readers, email clients, and archive utilities quietly define the real attack surface. Action1 explains how third-party software drift increases exploit risk and why consistent patching reduces exposure across endpoints. […]
AI, Global Security News, Risk Management
Entra ID OAuth Consent Can Grant ChatGPT Access to Emails
OAuth consent in Entra ID can grant apps like ChatGPT email access after approval, exposing hidden risks that may bypass MFA and enable persistent access.
AI, Global Security News
Why ‘Call This Number’ TOAD Emails Beat Gateways
Attackers are bypassing email gateways through telephone-oriented attack delivery (TOAD), in which the only email payload is a phone number.
AI, Global Security News, Government & Policy, malware, Network Security
What does business email compromise look like?
Business email compromise (BEC) is the digital con dressed to impress. It’s clean, calculated, and ready to fool even the sharpest eyes. These scammers don’t tell on themselves with sloppy hacks. They whisper in familiar voices, posing as your CEO, HR, or a trusted vendor. And, unlike phishing, they’re a precision strike built on inside…
AI, Compliance, Endpoint, Global Security News, malware, Risk Management
How to prevent business email compromise
Business email compromise (BEC) is the cyber equivalent of an expertly forged handwritten note—no malware fireworks, no flashing warnings, just a convincing request that tricks someone into wiring money or handing over sensitive data. Knowing how to prevent BEC should sit at the top of every security to‑do list because even one fraudulent email can…
AI, Cybersecurity, Endpoint, Exploits, Global Security News, Risk Management
Know the red flags: Business email compromise signs to look out for
When it comes to cyber threats, business email compromise (BEC) is one of the sneakiest, most costly scams out there. These digital predators don’t rely on brute force, but are patient, tactical, and they exploit one weakness above all: human trust. If you’re in the cybersecurity game, spotting a BEC attack can mean the difference…
AI, Cybersecurity, Global Security News, Risk Management
Celebrating Two Years of CSF 2.0!
Celebrate this milestone with us! Email us at csf [at] nist.gov (csf[at]nist[dot]gov) or tag @NISTcyber on X telling us what your favorite CSF 2.0 resource is (or how your organization has benefitted from implementing the CSF 2.0). Today marks two years since the publication of the Cybersecurity Framework (CSF) 2.0! Published in 2024, the CSF…
AI, Exploits, Global Security News
Scammers exploit trust in Atlassian Jira to target organizations
Threat actors have leveraged legitimate email notification feature of Atlassian Jira to deliver localized scam emails at scale. The emails From late December 2025 through late January 2026, victims were targeted with spam emails from legitimate-looking Atlassian Jira Cloud addresses. Organizations already using Jira were specifically targeted: the attackers selected domains known to have active…
AI, Endpoint, Global Security News
One stolen credential is all it takes to compromise everything
Attackers often gain access through routine workflows like email logins, browser sessions, and SaaS integrations. A single stolen credential can give them a quick path to move across systems when access permissions are broad and visibility is fragmented. That pattern appears across more than 750 incident response engagements covered in Unit 42’s Global Incident Response…
AI, Global Security News
Fake Incident Report Used in Phishing Campaign, (Tue, Feb 17th)
This morning, I received an interesting phishing email. I’ve a “love & hate” relation with such emails because I always have the impression to lose time when reviewing them but sometimes it’s a win because you spot interesting “TTPs” (“tools, techniques & procedures”). Maybe one day, I’ll try to automate this process! Today’s email targets Metamask[1]…
AI, Data Breaches, Exploits, Global Security News, privacy, Risk Management
Japanese sex toys maker Tenga discloses data breach
Sex toy maker Tenga says a hacker accessed an employee’s email account, potentially exposing customer names, emails, and order details. TENGA Co., Ltd. is a Tokyo-based Japanese sexual wellness and lifestyle company known for its innovative adult products. It employs roughly 125–200 people worldwide across its Japan headquarters and international offices. Tenga operates in personal…
AI, Breaking News, data breach, Data Breaches, Endpoint, Global Security News, hacking, malware, privacy, Security
Flickr moves to contain data exposure, warns users of phishing
Flickr says a flaw at a third-party email provider may have exposed users’ names, email addresses, IPs, and account activity. Flickr is a photo-sharing platform owned by SmugMug. It has over 100 million registered users and millions of active photographers. Flickr warned users about a possible data breach caused by a flaw in a third-party…
AI, Breaking News, data breach, Data Breaches, Endpoint, Global Security News, hacking, malware, privacy, Security
Flickr moves to contain data exposure, warns users of phishing
Flickr says a flaw at a third-party email provider may have exposed users’ names, email addresses, IPs, and account activity. Flickr is a photo-sharing platform owned by SmugMug. It has over 100 million registered users and millions of active photographers. Flickr warned users about a possible data breach caused by a flaw in a third-party…
AI, Breaking News, data breach, Data Breaches, Endpoint, Global Security News, hacking, malware, privacy, Security
Flickr moves to contain data exposure, warns users of phishing
Flickr says a flaw at a third-party email provider may have exposed users’ names, email addresses, IPs, and account activity. Flickr is a photo-sharing platform owned by SmugMug. It has over 100 million registered users and millions of active photographers. Flickr warned users about a possible data breach caused by a flaw in a third-party…
AI, Breaking News, data breach, Data Breaches, Endpoint, Global Security News, hacking, malware, privacy, Security
Flickr moves to contain data exposure, warns users of phishing
Flickr says a flaw at a third-party email provider may have exposed users’ names, email addresses, IPs, and account activity. Flickr is a photo-sharing platform owned by SmugMug. It has over 100 million registered users and millions of active photographers. Flickr warned users about a possible data breach caused by a flaw in a third-party…
AI, cyber attack, cyber attacks, Cybersecurity, Data Breaches, Global Security News, Security
Flickr Notifies Users of Data Breach After External Partner Security Flaw
Flickr says a third-party email vendor flaw may have exposed user names, emails, IP data, and activity logs,…
AI, Data Breaches, Global Security News, Security
Data breach at fintech firm Betterment exposes 1.4 million accounts
Hackers stole email addresses and other personal information from 1.4 million accounts after breaching the systems of automated investment platform Betterment in January. […]
AI, Cybercrime, Cybersecurity, Global Security News, News
AI is driving a new kind of phishing at scale
Email remains a primary entry point for attackers, and security teams continue to manage high volumes of malicious messages that change form across campaigns. Attackers generate large numbers of messages with small variations in wording, structure, and delivery paths. AI systems now sit at the center of this activity, supporting generation, testing, and rollout of…