Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Intruders in your email inbox
Email as a primary attack vector

Automated email inbox rules are a useful and familiar feature of most email programs. They help manage your inbox and the daily flood of wanted and unwanted messages by allowing you to move emails to specific folders, forward them to colleagues when you're away, or delete them automatically. However, once an account has been compromised, attackers can abuse inbox rules to disguise further attacks, for example by secretly exfiltrating information from the network via forwarding, ensuring that the victim does not see security warnings, and deleting certain messages. E-mail…

Read more

Log4j alarm: Mandiant provides tools 

The BSI has issued the highest warning level for the security hole discovered a few days ago in the widely used Java library log4j. Mandiant provides free tools for creating rules for the systematic search for deserialization exploits. Mandiant released free tools on GitHub today that companies can use to create rules for systematically searching for deserialization exploits and other types of zero-day exploits. This also includes rules for finding the JNDI Code Injection Zero-Day, which was published for log4j last week. Rules Against Deserialization Exploits In a new blog post, Mandiant describes ...

Read more