PhishMail

06/11/2023

Once upon a time, there lived a brave knight named Sir Arthur. He was a proud and noble knight who was determined to battle evil and save his kingdom. One day, he was summoned to a distant land in order to help protect a beautiful princess from an evil wizard. With his trusty sword and shield in hand, Sir Arthur set off on an exciting and perilous journey to save the princess. Will he succeed? Find out in the thrilling story of Sir Arthur and the Princess!

17/10/2023

Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure
------------------------------------------------------

In what's the latest evolution of threat actors abusing legitimate infrastructure for nefarious ends, new findings show that nation-state hacking groups have entered the fray in leveraging the social platform for targeting critical infrastructure.

Discord, in recent years, has become a lucrative target, acting as a fertile ground for hosting malware using its content delivery network (CDN) as

Nation-state hackers are turning to Discord! Discover how they're using this social platform for potential cyber-espionage.

17/10/2023

Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software
------------------------------------------------------

Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code ex*****on and take over susceptible systems.

The vulnerabilities, tracked as CVE-2023-37265 and CVE-2023-37266, both carry a CVSS score of 9.8 out of a maximum of 10.

Sonar security researcher Thomas Chauchefoin, who discovered the bugs,

Two major vulnerabilities in open-source CasaOS personal cloud software could allow attackers to gain full control of your system.

17/10/2023

Webinar: Locking Down Financial and Accounting Data — Best Data Security Strategies
------------------------------------------------------

Financial data is much more than just a collection of numbers; it is a crucial component of any business and a prime target for cybercriminals. It's important to understand that financial records can be a veritable treasure trove for digital pirates.

A security breach not only puts customers' personal information in jeopardy but also enables fraudsters to drain company funds and exploit clients.

inancial data is more than numbers; it's the lifeblood of your business. Learn how to shield it from cyber threats in our upcoming webinar. Don't miss

17/10/2023

Exploring the Realm of Malicious Generative AI: A New Digital Security Challenge
------------------------------------------------------

Recently, the cybersecurity landscape has been confronted with a daunting new reality – the rise of malicious Generative AI, like FraudGPT and WormGPT. These rogue creations, lurking in the dark corners of the internet, pose a distinctive threat to the world of digital security. In this article, we will look at the nature of Generative AI fraud, analyze the messaging surrounding these creations,

The cybersecurity world faces a new threat: malicious Generative AI, including FraudGPT & WormGPT. How do they impact our digital safety?

17/10/2023

Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers
------------------------------------------------------

A severity flaw impacting industrial cellular routers from Milesight may have been actively exploited in real-world attacks, new findings from VulnCheck reveal.

Tracked as CVE-2023-43261 (CVSS score: 7.5), the vulnerability has been described as a case of information disclosure that affects UR5X, UR32L, UR32, UR35, and UR41 routers before version 35.3.0.7 that could enable attackers to access

Milesight's industrial routers risk unauthorized web interface access, while Titan MFT and Titan SFTP servers face remote

17/10/2023

CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
------------------------------------------------------

The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that threat actors "interfered" with at least 11 telecommunication service providers in the country between May and September 2023.

The agency is tracking the activity under the name UAC-0165, stating the intrusions led to service interruptions for customers.

The starting point of the attacks is a reconnaissance phase in

Ukraine's CERT-UA discovered threat actors targeting 11 telecom providers between May and September 2023. The attacks caused service interruptions.

17/10/2023

Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild
------------------------------------------------------

Cisco has warned of a critical, unpatched security flaw impacting IOS XE software that’s under active exploitation in the wild.

Rooted in the web UI feature, the zero-day vulnerability is assigned as CVE-2023-20198 and has been assigned the maximum severity rating of 10.0 on the CVSS scoring system.

It’s worth pointing out that the shortcoming only affects enterprise networking gear that have

Cisco alerts about a critical unpatched zero-day security vulnerability in its IOS XE software that's under active exploitation.

16/10/2023

Fraudsters target Booking.com customers claiming hotel stay could be cancelled
------------------------------------------------------

One of the world's largest online travel agencies, Booking.com, is being used by fraudsters to trick hotel guests into handing over their payment card details.

How do I know? The fraudsters tried the trick with me.

One of the world's largest online travel agencies, Booking.com, is being used by fraudsters to trick hotel guests into handing over their payment card details. How do I know? The fraudsters tried the…

16/10/2023

Israelis told to secure their home security cameras against hackers
------------------------------------------------------

The Government of Israel has told the owners of private home security cameras to urgently secure them against being hacked, in the wake of a dramatic heightening of the conflict between Israel and Hamas.

The Government of Israel has told the owners of private home security cameras to urgently secure them against being hacked, in the wake of a dramatic heightening of the conflict between Israel and…

16/10/2023

Pro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New Campaign
------------------------------------------------------

Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing campaign designed to harvest credentials from compromised systems.

"The attack involves the use of malicious archive files that exploit the recently discovered vulnerability affecting the WinRAR compression software versions prior to 6.23 and traced as

WinRAR users, be alert! Pro-Russian hackers exploited a recent vulnerability in the software. Ensure your version is updated!

16/10/2023

SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls
------------------------------------------------------

The Android banking trojan known as SpyNote has been dissected to reveal its diverse information-gathering features.

Typically spread via SMS phishing campaigns, attack chains involving the spyware trick potential victims into installing the app by clicking on the embedded link, according to F-Secure.

Besides requesting invasive permissions to access call logs, camera, SMS messages, and external

Discover the dangerous capabilities of SpyNote, an Android banking trojan. It records audio, logs keystrokes, SMS messages, and captures screenshots.

16/10/2023

Signal debunks online rumours of zero-day security vulnerability
------------------------------------------------------

Over the weekend rumours circulated on social networks of an unpatched security hole in the Signal messaging app that could allow a remote hacker to seize control of your smartphone.

But were they true?

Read more in my article on the Hot for Security blog.

Over the weekend rumours circulated on social networks of an unpatched security hole in the Signal messaging app that could allow a remote hacker to seize control of your smartphone.

16/10/2023

The Fast Evolution of SaaS Security from 2020 to 2024 (Told Through Video)
------------------------------------------------------

SaaS Security’s roots are in configuration management. An astounding 35% of all security breaches begin with security settings that were misconfigured. In the past 3 years, the initial access vectors to SaaS data have widened beyond misconfiguration management. “SaaS Security on Tap” is a new video series that takes place in Eliana V's bar making sure that the only thing that leaks is beer (

SaaS Security breaches often stem from misconfigured settings. Learn how 'SaaS Security on Tap' video series tackles the key concepts.

16/10/2023

Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence
------------------------------------------------------

Encrypted messaging app Signal has pushed back against "viral reports" of an alleged zero-day flaw in its software, stating it found no evidence to support the claim.

"After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels," it said in a series of messages posted in X (formerly

🔒 Signal refutes viral reports of a zero-day flaw in its encrypted messaging app. Extensive investigation found no evidence to support the claim.

16/10/2023

Binance's Smart Chain Exploited in New 'EtherHiding' Malware Campaign
------------------------------------------------------

Threat actors have been observed serving malicious code by utilizing Binance's Smart Chain (BSC) contracts in what has been described as the "next level of bulletproof hosting."

The campaign, detected two months ago, has been codenamed EtherHiding by Guardio Labs.

The novel twist marks the latest iteration in an ongoing campaign that leverages compromised WordPress sites to serve unsuspecting

Malicious actors are using Binance's Smart Chain (BSC) contracts to host malicious code and serve it on compromised WordPress

14/10/2023

Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication
------------------------------------------------------

Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security.

"The focus is on strengthening the Kerberos authentication protocol, which has been the default since 2000, and reducing reliance on NT LAN Manager (NTLM)," the tech giant said. "New features for Windows 11 include

Microsoft plans to phase out the '90s NT LAN Manager (NTLM) in favor of a stronger focus on Kerberos for authentication in Windows 11.

13/10/2023

New PEAPOD Cyberattack Campaign Targeting Women Political Leaders
------------------------------------------------------

European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that delivers an updated version of RomCom RAT called PEAPOD.

Cybersecurity firm Trend Micro attributed the attacks to a threat actor it tracks under the name Void Rabisu, which is also known as Storm-0978, Tropical Scorpius, and UNC2596, and is also

A new cyber campaign targets EU military & political leaders focusing on gender equality. The cyber collective behind it blurs lines between financial