Email Security News, Articles and Updates

Tainted leaks technique tied, sort of, to Russia

A recent investigative study by the Citizen Lab connects Russian actors to the practice of stealing, negatively altering and then releasing documents in an effort to damage the personal reputation of government officials, candidates and journalists in dozens of countries.

Bank of France customers targeted in phishing campaign

Cyber-criminals are attempting to steal credentials from French companies and consumers, yet the campaign is falsely attributed to the Bank of France.

Cast of Game of Thrones, now with 2FA

The cast of the popular HBO series Game of Thrones is now required to use two-factor authentication to receive scripts by email.

[Updated] Nomx 'secure email server' challenged by British researchers

The CEO and CTO of nomx LLC has vigorously defended claims that his product is not secure after it was hacked by British security researchers Prof Alan Woodward and Scott Helme.

Trend Micro breaks down Pawn Storm tactics, methods and goals

An in depth look at the cyberespionage gang Pawn Storm by Trend Micro reveals an incredibly complicated and capable group that has penetrated several important political and government organization and for the most part has done so on the back of one of the most basic attack methodologies available. Phishing.

Iowa veterans warned of possible data breach

On April 21, the Iowa Veterans Home (IVH) began notifying thousands of residents, former residents and applicants that their personal information may have been compromised.

1B possibly affected by 'Ring-Road' email account protocol flaw, report

A vulnerability in email accounts that could enable hackers to determine the number of characters being used in passwords has been detected.

CREST/IISP Con: We have tools to fix it so why's the internet still broken?

Malicious hackers are taking advantage of broken internet infrastructure that could be fixed, said NCSC technical director Ian Levy in his keynote speech yesterday at CRESTCon & IISP Congress 2017.

ROKRAT using Twitter, other social media as command and control link

Security researchers at Cisco Talos explain how the ROKRAT malware is leveraging social media to hide its C&C communications in plain sight.

White House staffers targeted in email blackmail scheme from UAE

Dubai police have reportedly arrested several foreign hackers who targeted five White House staffers with an email blackmail scheme.

W-2 phishing scam scourge continues hitting Powhatan County (Va.) schools

Almost 1,000 Powhatan County (Va.) school district employees had their personal information revealed when a district employee fell for a W-2 phishing scam.

Government contractor Defense Point Security hit with W-2 scam

The cybersecurity firm Defense Point Security that holds several government contracts told its employees it was hit with a W-2 phishing scam resulting in the exposure of all the personally identifiable information.

Spam hitting Germans with personalized messages

A spam campaign that targets recipients with personalized messages is spreading in Germany, similar to a previous scourge there earlier this year and another that spread in the U.K. in April 2016.

Major spam operation suffers data leak containing 1.4 billion records

A spamming group called River City Media, led by well known spammers Alvin Slocombe and Matt Ferrisi, has had its database of 1.4 billion records leaked.

Bold phishers use Australian myGov to pull PII

Australians need be aware of a phishing campaign utilizing that nation's myGov website as the hook to have its targets unknowingly give up an absolute treasure trove of personal information.

Pence used AOL for Indiana gov't business, released emails show

Communiques on topics from an FBI update on men arrested on terrorism charges to the security gates at the governor's mansion were included in the emails released to the IndyStar in answer to a public records request.

1,000 Redmond (Ore.) school district workers affected by W-2 breach

The Redmond (Ore.) school district reported that one of its workers fell for a phishing scam and emailed the W-2 forms for all district employees to an unauthorized person.

'Data security incident' affects 36K Boeing workers

A Boeing employee seeking assistance with an Excel formatting issue emailed a spreadsheet to his spouse containing personal data of 36,000 Boeing employees.

How sweet it isn't: W-2s of 3K Amalgamated Sugar workers exposed

Nearly 3K workers at Amalgamated Sugar received notifications of an intruder accessing the company's network and their personal information being disclosed.

Award for Best Phish goes to: iTunes movie scammers

A phishing scam impersonating iTunes is attempting to trick Canadian Apple users into giving away their personally identifiable information, in order to get a refund on movies they never actually paid for.

7,700 Manatee, Fla. school workers compromised in W-2 scam

Thousands of Manatee (Fla.) County school employees had their W-2 tax form information compromised after a district employee fell for a phishing scam .

Cybercrime Blotter: 'Snowshoe spammer' faces flurry of fraud charges

Scottsdale, Arizona resident Michael Persaud has been indicted on federal fraud charges in Illinois for sending more than a million spam emails worldwide by abusing at least nine separate computer networks.

Email Privacy Act goes to the Senate after House gives nod

In a voice vote, the House approved the Email Privacy Act, sending it on to the Senate for a look-see.