News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

ZeroFont phishing: Emails with text in 0 point font size
B2B Cyber ​​Security ShortNews

Hackers use the ZeroFont phishing trick: using 0-point size fonts in emails to make malicious emails appear as if they were securely scanned by security tools in Microsoft Outlook. Phishing emails that contain fonts with a size of 0 point are not entirely new. While the so-called ZeroFont phishing technique has been used in the past, this is the first time it has been documented in this way. ISC Sans analyst Jan Kopriva warns that this trick could make a massive difference in the effectiveness of phishing operations and users…

Read more

E-mail attacks: HTML attachments most dangerous
E-mail attacks: HTML attachments most dangerous

HTML attachments are still the most dangerous file type in email attacks. As a result, attackers are relying more on HTML attachments: their share has doubled in a year, according to Barracuda Networks. Hypertext Markup Language – HTML for short – is used to create and structure content presented online. This often happens in e-mail communication as well. But one can assume that practical, well thought-out technologies are usually also very popular with criminals. And in fact, HTML is an overly welcome attack tool in phishing, for example to disguise the theft of login data. Even more:…

Read more

New corporate email phishing tactics

Cyber ​​criminals are constantly introducing new techniques and tactics in their phishing attacks to fool victims and bypass security measures. Barracuda has identified three new phishing tactics used by cybercriminals: Google Translate phishing, image phishing, and special character attacks. After analyzing data on phishing emails in January 2023, Barracuda security researchers have identified three new phishing tactics being used by cybercriminals: attacks that abuse Google Translate links, attacks with image attachments, and attacks using special characters. Safety instructions from Dr. Klaus Gheri, Vice President & General Manager Network Security at Barracuda Networks. New phishing emails still rare, but sophisticated Also...

Read more

New AI/ML powered threat protection platform
New AI/ML powered threat protection platform

Proofpoint is bringing a number of new capabilities to its Aegis Threat Protection, Identity Threat Defense, and Sigma Information Protection platforms. These enable organizations to stop malicious email attacks, detect and prevent identity-based threats, and protect sensitive data from theft, loss, and insider threats. The new innovations from Proofpoint also complement the range of the newly founded Identity Threat Defense (formerly Illusive) business unit, in order to flexibly complement and protect productivity solutions such as Microsoft 365 in particular. Aegis Threat Protection Platform The Proofpoint Aegis Threat Protection Platform is an AI/ML-powered threat protection platform that combines modern...

Read more

AI Report: Dreamteam ChatGPT and Cybersecurity
AI Report: Dreamteam ChatGPT and Cybersecurity

The ChatGPT AI model can more easily filter malicious activity in XDR telemetry, improve spam filters, and simplify analysis of "Living Off the Land Binaries" -- "LOLBins" for short. Sophos has recently published this in a new report. The topic is the GPT-3 language model, which is behind the well-known ChatGPT framework, and how the cybersecurity industry can use the model to defend against attackers. The current report "GPT for You and Me: Applying AI Language Processing to Cyber ​​Defenses" describes projects developed by Sophos X-Ops that use the extensive language models of GPT-3. The goal is…

Read more

Report 2023: Massive email attacks
Report 2023: Massive email attacks

The Email Security Trends Report 2023 shows that attacks in the DACH region are above average at 81 percent. The greatest impact of successful attacks was the loss of sensitive, confidential or business-critical data. The follow-up costs of a cyber attack via e-mail can be extremely expensive for companies and on average well exceed one million dollars. This is shown by an international study commissioned by cloud security specialist Barracuda Networks and now published in its “Email Security Trends 2023” report. 75 percent of businesses worldwide have been the victim of at least one successful email attack in the last 12 months.

Read more

Is ChatGPT changing the future of IT security?
Is ChatGPT changing the future of IT security?

Open AI's ChatGPT software is making waves. With the help of AI, the chatbot answers a wide variety of questions very eloquently. So it should come as no surprise that, as is always the case with new technologies, criminals are already thinking about how to use these capabilities for their own ends. A joint study by Europol, Unicri and Trend Micro investigated this. According to these results, even better generated social engineering tools such as phishing or BEC could be considered for the Open AI software. Currently, other security researchers have also examined fraudulent emails generated with the currently hyped AI, and…

Read more

Spam wave: Fake Turkey and Syria appeals for donations
Bitdefender_News

While there is a large participation and many aid campaigns for the earthquake victims in Turkey and Syria worldwide, cyber gangsters try to steal the money with fake appeals for donations. This is how private individuals and companies recognize the scammers. As Bitdefender reports, cybercriminal free riders are trying to quickly capitalize on the earthquake disaster in Turkey and Syria. The Antispam Lab has discovered scam emails in which a supposed Ukrainian charity is asking for donations. Fake fundraisers The alleged Vladimir Foundation is currently spreading its fraudulent fundraisers in South Korea (49%), Vietnam (19%), the USA and India (7% each), Denmark (3%), Ireland...

Read more

Cyber ​​Threats: The Top 5 for SMBs
Cyber ​​Threats: The Top 5 for SMBs

Unlicensed software, phishing, DDoS attacks or careless employees - small and medium-sized enterprises (SMEs) will be confronted with a multitude of cyber threats in 2023. Kaspersky experts have analyzed the top threats for SMEs in the new year and provide protection recommendations. Half of the small and medium-sized companies in Germany were confronted with cyber attacks over the past year. Based on developments within the threat landscape in 2022, Kaspersky cybersecurity experts have identified risks and vulnerabilities that SMEs should be aware of this year: 1. Data leaks by employees While it has…

Read more

Germany affected: espionage with stealer agent Tesla
Kaspersky_news

As Kaspersky has noted, there is a recent campaign by cybercriminals using malware stealer Agent Tesla for espionage. The malware is distributed via well-crafted spam emails. Almost 15.000 users in Germany are already affected. Kaspersky experts have discovered a spam email campaign targeting companies worldwide using the notorious stealer Agent Tesla. For the spam campaign, the cyber criminals imitated e-mails from providers or contractors in detail in order to obtain the login data of the organizations concerned - the cyber criminals only revealed the wrong sender address. These credentials are shared on Darkweb forums...

Read more