How to stop exploitation of CVE-2024-49040
The patch that fixes CVE-2024-49040 in Microsoft Exchange is temporarily unavailable. We’ve implemented heuristics that detect attempts to exploit it.
28 articles
The patch that fixes CVE-2024-49040 in Microsoft Exchange is temporarily unavailable. We’ve implemented heuristics that detect attempts to exploit it.
This phishing campaign incorporates ghost spoofing, embedded text in images, a PDF file, a QR code, DocuSign imitation, and Cloudflare verification — yet it still completely misses the mark.
We’ve discovered a new Trojan that’s very selective about its victims.
Telegram bot sells subscriptions to phishing tools to hack Microsoft 365 accounts, including 2FA bypass.
Cybercriminals are using genuine Facebook infrastructure to send phishing emails threatening to block accounts.
Cybercriminals prey on corporate credentials by sending phishing links through Dropbox after priming the victim.
By hijacking domains with CNAME records and exploiting forgotten SPF records, attackers seize domains and use them for their own purposes.
Got a message from your boss or coworker asking you to “fix a problem” in an unexpected way? Beware of scammers! How to protect yourself and your company against a potential attack.
Why cybercriminals want to attack PR and marketing staff and, crucially, how to protect your company from financial and reputational harm.
Examples of how QR codes in emails are used for phishing.
Scammers want to steal your passwords and financial data with fake websites. But where do they host them, and how to spot a fake?
Fake websites and email addresses are often used in phishing and targeted attacks. How do fake domains get created, and how to spot one?
Cybercriminals have adopted the marketing tool for information collection.
A detailed look at a phishing site masquerading as an e-mail scanner and its attempts to snag victims.
We explain what file types cybercriminals most often use to hide malware, and how to avoid getting infected.
Here’s how scammers try to phish for verification codes — and what may happen if you send them one.
Have you ever received a letter from a Nigerian prince? A Nigerian astronaut? How about Daenerys Targaryen? If so, you know that we are talking about funny Nigerian spam — and this post covers it all!
Aleks Gostev of Kaspersky Lab’s GReAT discusses the WhatApp move towards encryption and how email needs to be next in adopting end-to-end encryption