More than 900 of almost 2,300 official government email addresses belonging to politicians of Great Britain, France, and European Parliament have been exposed on the dark web, mostly impacting British senior government and opposition members, whose email addresses appeared over 2,100 times, SecurityWeek reports.
Georgia resident Malachi Mullings has been sentenced to a decade-long imprisonment for his involvement in business email compromise and romance scams, reports The Record, a news site by cybersecurity firm Recorded Future.
Attacks leveraging Microsoft Exchange Server vulnerabilities to facilitate keylogger malware deployment have been launched against more than 30 government, financial, education, and IT organizations in Africa and the Middle East since 2021, reports The Hacker News.
Most everyone uses email and critical infrastructure sectors are high-profit industries that deploy legacy technology easy to exploit, so attackers take advantage of the easy access via email to make hefty profits.
SecurityWeek reports that Google has noted that the preventable cyberattack aimed at U.S. government emails that the Cyber Safety Review Board attributed to Microsoft's significant security failings was indicative of the "monoculture" security risks, which should be mitigated by implementing a multi-vendor strategy in addition to the advancement of open standards for interoperability.
Cofense, a phishing detection and response solutions firm, released a report providing information on a sophisticated phishing campaign targeting business accounts in Meta platforms, reports SiliconAngle.
The U.S. House Committee on Homeland Security invited Brad Smith, Microsoft’s top lawyer, to attend a proposed hearing on May 22 to discuss the use of the company’s email software that led to emails of U.S. government officials being obtained by hackers, according to CNBC.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
