Facebook announced on Wednesday the introduction of a new security feature designed to help users check if the emails they receive are legitimate or if they have been sent by cybercriminals. When it detects a suspicious login attempt or a password change, Facebook notifies users by sending them an email from the Facebookmail.com domain. Cybercriminals…

Fox-IT, the Netherlands-based cybersecurity firm owned by NCC Group, revealed on Thursday that it had been the victim of a man-in-the-middle (MitM) attack made possible by DNS records getting changed at its third-party domain registrar. The incident took place back in September and Fox-IT decided to disclose it now after conducting a detailed analysis. A…

A new phishing campaign has been spotted hitting LinkedIn users via direct messages and the LinkedIn InMail feature. They are sent from legitimate LinkedIn Premium accounts that have been hijacked by the phishers, thus increasing the likelihood that recipients will trust the message and click on the link. The messages/emails say that the sender has…

Britain’s parliament shut down external access to e-mail accounts on Saturday following a cyberattack. Parliamentary authorities described the attack as “sustained and determined”, in an email sent to lawmakers and published by the Daily Telegraph. “Earlier this morning we discovered unusual activity and evidence of an attempted cyberattack on our computer network,” it read. “Closer…

The vast majority (82 percent) of users open email attachments if they appear to be from a known contact, despite the prevalence of well-known sophisticated social engineering attacks, according to Glasswall. Of these respondents, 44 percent open these email attachments consistently every time they receive one, leaving organizations vulnerable to data breaches sourced to malicious…

Just as it is the default tool for most businesses, email’s capacity for rapid, mass communication has made it a favourite instrument of criminals. As a result, malicious emails have become a common occurrence in most consumer and business inboxes. Although chances are that most people will correctly identify the most common malicious emails as…

The developers of PHPMailer have patched a critical vulnerability that can be exploited by a remote attacker for arbitrary code execution, a researcher said on Sunday. With millions of installations, PHPMailer is considered the world’s most popular email creation and transfer class for PHP. It has been used by several major open-source projects, including WordPress,…

A flaw in Office 365 could have been exploited by attackers to send out malicious emails and make them look as if they were coming from a legitimate microsoft.com address. The issue was discovered by Utku Sen, a Turkey-based security enthusiast known for releasing an open source ransomware called Hidden Tear for educational purposes.

Yahoo said investigators were looking into the possibility that some people within the company knew at the time about the late 2014 theft of information of at least 500 million user accounts. Law enforcement authorities on Monday also “began sharing certain data that they indicated was provided by a hacker who claimed the information was…