Email security

The Hacker News reports that threat actors could exploit a path traversal vulnerability in RarLab's UnRAR utility to facilitate arbitrary code execution and compromise Zimbra webmail servers.

After about a year of silence, a new variant of Bahamut malware was spotted in the wild targeting Android mobile devices in the Middle East and South Asia, Cyble researchers reported.

Security researchers say the new awareness training game, combined with AI-powered behavioral learning, can help companies mitigate cyberthreats.

Affiliates of the LockBit ransomware operation have been leveraging fake copyright violation claims as phishing lures to facilitate malware spread.

Malware sent to emails surged by 196% between 2020 and 2021, accounting for 74.1% of all threats averted by Trend Micro last year.

Researchers identified a credential-phishing attack that spoofs MetaMask, one of the most widely used crypto applications that lets users store and swap cryptocurrencies, interact with blockchain, and host dApps, which are built on a decentralized network supported by a blockchain distributed ledger.

BleepingComputer reports that the Europol, in coordination with the Belgian and Dutch Police, has successfully disrupted a phishing group behind the theft of several millions of euros following the arrests of nine suspects in the Netherlands, from whom cash, cryptocurrency, electronic devices, jewelry, and firearms and ammunition have been seized.

A new Emotet malware has led to a nine-fold increase in the use of Microsoft Excel macros compared with what security experts found in the fourth quarter of 2021.