Weekly Email Security News Recap #4 [August 2022]

Any company’s face and reputation mirror its security and reliability, and email—the number one communication tool for big enterprises—should be as far away from spam, phishing, and ransomware as possible.

But nowadays, there’s big email security breach news or email hack news at least once a week.

For instance, a ransomware attack has disrupted operations this week at one of the largest hospitals in the Isle of France.

Then there was Plex’s (a popular streaming-media service) data breach on Wednesday, where the hacker was able to compromise private data, like usernames and passwords.

Read on for more of the latest cybersecurity news and email security breach news.

Apple Releases iOS, iPadOS and macOS Security Fixes for Two Zero-Days Under Attack

On Wednesday, Apple released software updates for iPhones, iPads and Macs, fixing two security weaknesses that attackers are known for using.

The vulnerabilities were found in WebKit, the browser engine that powers Safari, assorted apps, and the kernel—the operating system’s base.

MacOS Monterey, iOS and iPadOS were affected by these two flaws, which are believed to be connected.

According to Apple, the WebKit bug could be utilized if a vulnerable device accessed malicious web content that may direct to random code implementation.

Meanwhile, the second bug can allow a malicious application to run arbitrary code with kernel privileges, which could lead to full access to the device. 

Apple stated the affected devices include:

  • iPhone 6S models 
  • iPad Air 2
  • iPad 5th generation
  • iPad Mini 4 
  • iPod Touch (7th generation)
  • All iPad Pro models

Apple is yet to respond with a comment about the situation.

Chinese Adult Content and NSFW Platform Leaked 14 Million User’s Data

Chinese adult content and NSFW platform Hjedd has exposed user data since at least July this year. Anurag Sen, an independent security researcher, confirmed this information to Hackread.com.

The server is still publicly accessible with no security authentication, meaning anyone who can find unsecured databases on Shodan and other platforms can access Hjedd’s user data.

The exposed data includes:

  • Phone Numbers
  • Member Details
  • Usernames
  • Email Addresses
  • Bcrypt Hashed Passwords
  • Login IP addresses and details
  • Messages between Users

This is a confirmed list of details of over 14 million users with more than 24 GB of records.

Even worse, the database is being continuously and actively updated.

The Chinese adult content site has been alerted about the leak several times but has failed to secure its server.

The leaked data and exposed users remain vulnerable to spam marketing, phishing campaigns, identity fraud, etc.

Final Thoughts

Nowadays, many businesses ignore the significance of email security until a major security breach occurs.

Don’t wait for a business-destroying breach; ; go ahead and secure your domain today!

SPF Record Syntax: Structure and Components

SPF Record Syntax: Structure and Components

Understanding what SPF is and bringing it into use is important for technology-driven businesses...

Read More
What is a DKIM Record?

What is a DKIM Record?

What is a DKIM record? That's a question we see everywhere these days. Emails...

Read More
What is an SPF Record?

What is an SPF Record?

What if you realize a threat actor is misusing your domain name to send...

Read More