Outlook Email Authentication Bypass: Display Name Obfuscation
Original Source: GitLab Repository The Vulnerability The issue lies in the “display name” of an email’s “From” header in Outlook. It appears that this display name can be manipulated to…
Original Source: GitLab Repository The Vulnerability The issue lies in the “display name” of an email’s “From” header in Outlook. It appears that this display name can be manipulated to…
APT32, also known as OceanLotus Group, is a Vietnam-based threat group that has been active since at least 2014. This group is known for its sophisticated attacks on several private…
The UK Further and Higher Education sectors are increasingly becoming targets for cyber-attacks. These attacks range from opportunistic ransomware operations to more sophisticated Advanced Persistent Threat (APT) groups. This report…
Insider threats are a significant cybersecurity risk that originates from within an organisation. These threats can come from current or former employees, contractors, or anyone else with intimate knowledge of…
APT30, also known as APT-C-30, is a China-based cyber espionage group that has been active since at least 2005. The group has targeted multiple industries, including the aerospace, government, defense,…
In a recent series of campaigns identified by Proofpoint, university students have been targeted with fraudulent job offers purportedly related to bioscience and health entities. These campaigns, which began as…
"Welcome to New York: Exploring TA453's Foray into LNKs and Mac Malware" published by Proofpoint discusses the evolving tactics of TA453, also known as Charming Kitten, APT42, Mint Sandstorm, and…
Ashley Liles, a 28-year-old former IT security analyst from Letchworth Garden City in Hertfordshire, has been convicted of blackmail and unauthorized access to a computer with intent to commit other…
Black Basta is a Russian-speaking group that was first spotted in early 2022. It is known for its double extortion attack, where it not only executes ransomware but also exfiltrates…
In July 2020, a significant cybersecurity incident affected Twitter, one of the world’s largest social media platforms, resulting in a widespread Bitcoin scam. The attack targeted high-profile accounts and raised…