SMTP Strict Transport Security is coming to major webmail providers this year, a Google engineer said at RSA Conference
Tag Archives: email security
Google to Block .js Attachments in Gmail
Citing security concerns, Google announced that it will soon block JavaScript (.js) file attachments in Gmail.
Yahoo Mail XSS Bug Worth Another $10K to Researcher
Finnish security researcher Jouko Pynnonen found a second stored cross-site scripting vulnerability in Yahoo Mail in less than a year, both of which earned him $10,000 bug bounties.
Critical Vulnerability Patched in Roundcube Webmail
Open source webmail provider Roundcube was patched against a vulnerability that could be trivially exploited to run code on servers or access email accounts.
Yahoo Confirms 500 Million Accounts Were Hacked by 'State Sponsored' Hackers
500 million accounts — that’s half a Billion users!
That’s how many Yahoo accounts were compromised in a massive data breach dating back to 2014 by what was believed to be a “state sponsored” hacking group.
<!– adsense –>
Over a month ago, a hacker was found to be selling login information related to 200 million Yahoo accounts on the Dark Web, although Yahoo acknowledged that the breach was
Researchers Go Inside a Business Email Compromise Scam
Dell SecureWorks today published a report at Black Hat USA 2016 on a Nigerian Business Email Compromise scam called “wire-wire”, or “waya-waya.”
Threatpost News Wrap, June 24, 2016
Mike Mimoso and Chris Brook recap the news of the week, including a Bitcoin phishing campaign, the Kaspersky Lab ransomware report, misconfigured email servers, and a decline in Angler exploit kit traffic.
Email Servers For More Than Half of World’s Top Sites Can Be Spoofed
More than half of the world’s top sites suffer from misconfigured email servers, something that heightens the risk of having spoofed emails sent from their domains, researchers warn.
Google To Deprecate SSLv3, RC4 in Gmail IMAP/POP Clients
Google will next week begin a gradual deprecation of unsafe crypto protocol SSLv3 and cipher RC4 in Gmail IMAP/POP clients.
APT Groups Finding Success with Patched Microsoft Flaw
Researchers at Kaspersky Lab have identified six APT groups using exploits for a Microsoft Office flaw that was patched in September 2015.