Cyber adversaries’ ways of intruding into private networks only seem to be evolving. The best way to stay ahead of them is to invest time and resources in acquiring the right cybersecurity tools. Here are this week’s top cyber news headlines to help the pursuit of creating safe cyberspace for all.
Malicious actors reportedly attacked the Federal Bureau of Investigation (FBI) mail system Saturday (November 13, 2021) morning, ostensibly as a DHS warning of a cyberattack. The FBI confirmed that attackers compromised its mail servers and sent out bogus messages. Despite spending millions to ensure cybersecurity, the FBI’s network has been compromised. The attackers could have used the emails for spear phishing and ransomware attacks but instead outlined how recipients avoid cybercrimes. They used a compromised server to send spam, warning that someone could steal their data.
Threat actors continue to launch cyber attacks on organizations around the world. This week’s headlines cover some of these, among other cyber news.
Pakistan-based threat actors running the GravityRAT remote access trojan have recently developed a chat application called SoSafe chat which spreads malware under the disguise of a ‘safe messaging platform.’ Cybersecurity experts say that the malware is currently targeting high-profile individuals from India. Although the download link and registration for this malicious site remain un-operational, it is very much online.
Cyber threats of various kinds are rising, but as businesses and individuals become aware of the lurking dangers, cybercriminals are coming up with increasingly sophisticated methods. In a recent cyber attack, threat actors accessed customer support systems and stole data, including names and emails of 2 million Robinhood customers. After the attack on Robinhood Markets was discovered, the platform admitted that the attacker stole the client data by tricking a customer support employee.
Maintaining email security remains a challenge, especially when threat actors are so particular about sustaining their malicious activities despite law enforcement penalizing them. Here are the latest cyber headlines this week to guide you through the never-ending hunt for cyber offenders.
I’m here to provide you a quick but thorough overview of the tenant migration process, and hopefully this will answer the majority of your questions.
The core issue is that the same domain name cannot exist really in two different accounts at the same time. The examples we have on the screen, Microsoft or Google Workplace are just two of those examples, but you can use this on any hosted email system that doesn’t allow you to have multiple domains attached to multiple accounts.
While cyber adversaries aspire to rob netizens of their credentials and monetary assets, much progress is also occurring in the cybersecurity realm. This week’s headlines highlight some significant cybersecurity measures that organizations are adopting to tackle the menace of cyber attacks.
Email masking is a technique that alters an email address to protect the actual email from misuse. Email masking can help protect an organization’s email address and that of thousands of its customers. A masked email address retains its original format and cannot be traced back to the actual address.
The bygone week has been eventful in the cybersecurity realm. Here are the major cyber updates from across the globe
BillQuick Web Suite is a popular US-based billing system developed by BQE Software and has over 400,000 users globally. Unfortunately, it was targeted by a critical SQL injection bug recently deployed by an unidentified ransomware group. The vulnerability has been dubbed CVE-2021-42258 and allows adversaries to gain initial access to customers’ BillQuick data and infect the windows server with malicious commands. All the adversaries need to do is make login requests using invalid characters.
Autodiscover, a Microsoft Exchange protocol, now has a vulnerability that miscreants can exploit, according to a security firm that discovered the loophole as part of their email security research efforts. If anyone uses the vulnerability, they can access sensitive credentials from the Exchange-connected client, in a threat akin to spear phishing. These sensitive credentials are Windows domain credentials that can authenticate Exchange servers. And malicious actors using the vulnerability for their nefarious activities can be a nightmare to any organization.
The pandemic has fueled the use of online applications and services. And even malicious actors are well aware of it, who continue to launch cyberattacks to rob you of your information or monetary assets. This week’s headlines cover how a group of cyber adversaries conned people over a dating app in South Africa, among other significant cyber developments worldwide.
While website security tools secure the data that passes from server to browser, email security tools prevent unauthorized access to email accounts, content, and communications. In general, the safety of email servers tends to be limited to problems with messaging and the application of security measures that have more to do with anti-virus and anti-spam protection. If a business is dependent solely on a platform such as Gmail or MS Outlook, it does not need to focus on protecting email servers. However, when one decides to implement and maintain a dedicated email server, one must employ spam protection, phishing protection, ransomware protection, and other advanced safeguards against email threats.
Cybersecurity is an important aspect determining the smooth functioning of an organization. The following headlines from the bygone week indicate just how essential adopting cybersecurity tools are
Email is the most effective digital communication tool, and valid email addresses are paramount for email marketing. Roughly 320 billion emails are sent every day, but many emails land in the wrong inboxes due to incorrect email addresses. Some emails are not delivered because a false email address is provided while subscribing. This unintentional error makes it difficult for email marketers to reach those customers. The number of email users is set to grow to 4.6 billion by 2025. However, despite the high number of email users, reaching inboxes has become more complicated than before. In such a scenario, email validation is the key to a higher degree of email engagement.
This week’s cybersecurity headlines have had significant updates related to recent acquisitions, patches, and adversary actions. Here are the most important of those cyber news headlines:
In an abundance of caution, Apache has released patches for two cybersecurity vulnerabilities in its HTTP server. Adversaries actively exploited the vulnerabilities related to path traversal and file disclosure until 29th September, when Apache discovered the same in Apache HTTP Server 2.4.49.
Email marketing is an essential tool utilized for online marketing. Several small businesses have agreed that email marketing is one of the best ways to expand a business. However, the average click rates have recently decreased. It means that while email marketing can lead to an increase in gaining customers, maintaining and managing customers can be one of the biggest challenges for MSP due to a rise in competition. Thus, MSPs must procure the services that best enhance their needs and preserve the managed services definition. The most important purposes for email marketing involve nurturing new leads, reconnecting with old leads, and strengthening bonds with existing customers. And with the advancement of technologies, there is a high risk of being vulnerable to cyber theft and other cybercrimes. Hence, it becomes essential for the MSPs to couple their email marketing strategy with email security to meet these requirements.
Email is one of the most used forms of communication. There are around 4 billion email users worldwide, and the number of emails sent and received per day is estimated to increase to about 376 billion in 2025 (from about 306 billion in 2020). With over 4.5 billion users expected to use email in 2025, it wouldn’t be wrong to say that emails have fundamentally transformed how digital communication is carried out, whether for business, marketing, or some other purpose. However, it is also the same channel that is responsible for a majority of phishing attempts globally. Email security and phishing protection are major focal points for IT Security services and global tech giants alike.
The cyber-world is full of twists and turns, with both the cybersecurity expert and the threat actor trying to stay a step ahead of each other at all times. This week’s cyber news headlines capture some of these moves of cybersecurity experts and adversaries.
Today, sophisticated phishing attacks, such as those leading to ransomware and BEC (Business Email Compromise) incidents, can easily bypass traditional security setups. Emails are a common entry point for cyberattacks. And the overwhelming number of cyber-attacks on emails of employees and business executives has made email security an important issue for organizations.
Security experts must approach email phishing protection in the same way they secure other traditional content repositories. Email service providers and anti-phishing services must prioritize giving their customers a detailed overview to help security teams improve their actions. If a malicious actor breaks into an email account, security teams may not know how they accessed individual messages.
As the scope of digitization is rising, so are the cyber threats associated with it. This has essentially given threat actors a goldmine wherein users’ details such as their names, addresses, social security numbers, etc., and other critical data, including financial details, is the metaphorical gold for them of which they can’t seem to have enough. This week’s headlines discuss these cyber threats that have affected people worldwide.