Email security

PayPal settles for $2 million with New York State DFS over 2022 breach of customer accounts. (Adobe Stock)

Email security

PayPal email scam exploits address settings to trick users

SC StaffFebruary 26, 2025

The scam emails were found to originate from a legitimate PayPal address.

Phishing

Asia-Pacific subjected to FatalRAT phishing campaign

SC StaffFebruary 26, 2025

Suspected Chinese-speaking threat actors distributed malicious emails with a ZIP archive.

Premium Microsoft 365 apps are seen on an iPhone, including Word, Excel, PowerPoint, Teams, Outlook, OneNote, SharePoint, and OneDrive.

Identity

Botnet of 130,000 compromised devices targets Microsoft 365 accounts

Steve ZurierFebruary 24, 2025

Attackers target password spraying attacks on Microsoft 365 accounts to run account takeovers.

An awareness sign in the laptop's email inbox informs of phishing attempts and the necessity for awareness.

Email security

Nearly $500K pilfered from NioCorp following BEC attack

SC StaffFebruary 21, 2025

Infiltration of the company's information systems, including its email platform, enabled the misdirection of vendor payments, said NioCorp in a filing with the Securities and Exchange Commission.

AI/ML

How malicious AI powers the latest surge of advanced email threats

Mike Britton February 21, 2025

Here are five other trends in addition to AI undermining email security.

Zero Trust World

Hacktivists, delusions and unwanted emails: Zero Trust World 2025

Paul WagenseilFebruary 20, 2025

The first day of ThreatLocker's annual conference featured controversial opinions and tales from the dark side of the web.

North Korea flag is depicted on the screen with the program code. The concept of modern technology and site development

Threat Intelligence

Ongoing Kimsuky attack campaign exploits PowerShell, Dropbox

SC StaffFebruary 14, 2025

Kimsuky — also known as APT43, Black Banshee, TA427, and Velvet Chollima — commences intrusions with the distribution of phishing emails with a ZIP archive attachment containing an LNK file seemingly spoofing legitimate documents.

Fast Five

Selected by the SC Media Editorial team every Tuesday.

Sign up now for the top five issues cybersecurity pros need to know this week.