Weekly Email Security News Recap #1 [April 2022]

If you’re following our blog, you’ll know that we’ve been doing monthly email and cybersecurity news coverage. However, we need to be quick to catch the news tide. So, starting this month, we’re moving to a weekly schedule!

These articles are bite-sized pieces to keep you on top of the cybersecurity and email security news. Read about top stories in April’s first week below.

 

DDoS Attacks on Finnish Government Sites

On April 8, Finland’s defense and foreign affairs websites were taken offline because of a DDoS attack.

The Ministry of Defense announced that it would keep the website closed while it remained under harmful traffic. Still, the same day at 2.06 pm, the official Twitter account of the Finnish government wrote that the issues had been resolved.

There’s nothing specific about the threat actors, but Russian hackers are under suspicion because of recent political tensions. The Kremlin may have been angered by the fact that Finland started seeking NATO membership. Although this is speculation, a Russian aircraft violating Finnish airspace is another indicator that lends it weight.

 

New Campaign Spoofing WhatsApp Voice-Messages

A malicious phishing campaign spreads info-stealing malware using a legitimate domain. Through this campaign, attackers impersonate WhatsApp by spoofing emails and sending voice message notifications to unsuspecting users.

The malicious campaign targets Office 365 and Google Workspace accounts, so far reaching about 27,660 mailboxes.

It basically works like this: the recipient clicks the email’s link, which redirects to a page that attempts to install malicious, obfuscated JavaScript code. Once the malware is installed, it can steal browser credentials.

Targeted institutions include those from the education, healthcare, and retail sectors.

 

Data Breach of 8.2 million U.S. Customers via Cash App

A former employee accessed Cash App account information, causing a data breach affecting 8.2 million U.S. customers.

The breach occurred when the former employee downloaded internal Cash App information while no longer working at the company.

The report contains customers’ full names, brokerage account numbers, and additional information like portfolio values, holdings, and trading activities limited to one day.

When the breach was first reported, it was believed not to include sensitive data like date of birth, Social Security numbers, credentials, payment information, card information, etc.

Further information that has surfaced indicates that the exposed data didn’t include any access codes or passwords for the accounts, and that the breach didn’t affect customers outside of the U.S.

It’s not clear why the former employee had access to insider information from the company. However, Cash App commented that they’d informed authorities about the breach.

That’s it for this week! We’ll keep our finger on the pulse of the latest email security news and bring new stories to you next week. Stay alert!
