Email security

Proofpoint researcher tells SC Media campaign targeted — fewer than 10 individuals who received spearphishing emails from TA453, aka "Charming Kitten."

Increasingly prevalent phishing attacks have prompted app security firm ImmuniWeb to update its free Community Edition to include a new email security test, SiliconAngle reports.

U.S.- and India-based organizations have been targeted by the new MULTI#STORM phishing campaign that involved a multi-stage attack chain concluding with the deployment of Warzone RAT, also known as Ave Maria, Quasar RAT, and various other remote access trojan backdoors, The Hacker News reports.

Several government entities and a military aviation organization in Ukraine had their email servers targeted by the Russian state-sponsored hacking operation APT28, also known as Fancy Bear and BlueDelta, in a new spear-phishing campaign that began in November 2021, according to The Record, a news site by cybersecurity firm Recorded Future.

Microsoft has disclosed that its Outlook web portal, OneDrive, and Azure Portal had been disrupted between June 7 and 9 as a result of Layer 7 distributed denial-of-service attacks deployed by hacktivist threat operation Anonymous Sudan, also known as Storm-1359, reports BleepingComputer.

SiliconAngle reports that generative artificial intelligence platforms ChatGPT and Google Bard have been increasingly used in facilitating more potent email attacks.

Mandiant, which led the incident response investigation, expressed a "high degree of confidence" that a threat group linked to China is using the zero-day to target and exfiltrate email data from government officials and academics working on topics of interest to Beijing.