Mailcow Mail Server Vulnerabilities Expose Servers to Remote Code Execution Recently, two significant security vulnerabilities have been uncovered in the Mailcow open-source mail server suite. These vulnerabilities, which affect all versions prior to 2024-04, were disclosed by SonarSource on March 22, 2024, and could allow malicious actors to execute arbitrary code on vulnerable Mailcow instances. Understanding the Vulnerabilities.

Phishing is the weapon of choice for many adversaries. And it’s easy to understand why: Users fall victim to attacks in under 60 seconds on average, novice cybercriminals can launch effective phishing campaigns thanks to off-the-shelf phishing kits and generative AI, and above all, it works — 71% of organizations reported at least one successful attack in 2023.

In a recent LevelBlue incident response engagement, an analyst in our managed detection and response (MDR) security operations center (SOC) responded to an alarm that was triggered by a suspicious email/inbox rule. The rule aimed to conceal responses to an internal phishing attempt from the account user, so the attacker could solicit funds from the company's users.

The adage "data is the new oil" doesn't resonate with everyone. Personally, having grown up around cars thanks to my dad, a master mechanic, I see oil as messy and cumbersome. Data, in my view, is more akin to bacon—universally enjoyed and valuable in various forms; everyone wants it and will go to great lengths to have an extra helping, maybe even pushing a sibling's arm out of the way to get the last piece.

In Q1 2024, Kroll observed SMS and voice-based tactics being used in phishing attacks, raising concern around the potential for deep fakes and AI technologies to further enhance the effectiveness of phishing attacks. Linked to this, one insider threat case investigated by Kroll in Q1 saw employee impersonation take place, another area in which AI-related technology could be especially impactful.

Mandiant has published a report looking at cyber threats targeting Brazil, finding that more than 85% of government-backed phishing activity comes from threat actors based in China, North Korea and Russia. “The Brazil-focused targeting of these groups mirrors the broader priorities and industry targeting trends we see elsewhere,” the researchers write.

If you're looking for an email service, you can find several options on the internet: from one of the oldest, Hotmail (now known as Outlook), to Gmail, iCloud, Yahoo, and many more. Today, we will explain their features and introduce some more secure alternatives to help you find the best email service. When we create an Outlook account, we have to accept certain terms and a privacy policy. The fine print that nobody reads, in which we agree to give our pesonal data and privacy to Microsoft.

Increasing phishing attacks are a constant threat to organizations, making it crucial for users to report suspicious emails. This practice not only helps in identifying and mitigating potential threats, but also plays a significant role in educating and creating awareness among employees. The importance of reporting suspected phishing emails cannot be overstated, as it acts as a last line of defense against cyber threats.

LNK (shortcut) files are a common starting point for many phishing campaigns. Threat actors abuse the unique properties of LNK files to deceive users and evade detection and prevention countermeasures, making them potent tools for compromising systems and networks. In this blog, we'll provide an in-depth analysis of recent LNK phishing campaigns, examining the tactics, techniques, and procedures (TTPs) employed by threat actors.

In 2023, the FBI’s Internet Crime Complaint Center (IC3) received 21,489 BEC complaints with adjusted losses over $2.9 billion USD, according to their 2023 Internet Crime Report. By way of comparison, ransomware, the cyber attack that grabs all the headlines and keeps IT and security teams up at night, accounted for only 2,825 complaints, with adjusted losses of less than $60 million USD.