News

The Register on MSN1d
Google's email spoofed by cunning phisherfolk who re-used DKIM creds
PLUS: Malware developers adopt Node.js; US disinformation warriors disbanded; Gig worker accounts for sale; and more Infosec ...
Fake Google Security Alert Hides a Phishing Scam
A developer reported the scam after noticing a slight discrepancy in the email address. The scam passed Google’s own DKIM ...
WinBuzzer1d
Google Email Systems Spoofed by Phishing Campaign Reusing Valid DKIM Signatures
Attackers have successfully impersonated Google by exploiting DKIM replay, using valid signatures on fake subpoena emails ...
Popular AI program spoofed in phishing campaign spawning fake Microsoft Sharepoint logins
Cybersecurity researchers Abnormal spotted the attacks in the wild, and described the phishing flow as “so polished it feels legitimate at every step.” The attack starts with ...
Phishers abuse Google OAuth to spoof Google in DKIM replay attack
In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from ...