Hunter Perrin · @hperrin
236 followers · 807 posts · Server port87.social

Does anyone know if is one of those extortion services that will only remove your IP from their SMTP block list if you pay them? I’ve sent them two tickets now over the past two months, and they’re still blocking emails from my servers.

#proofpoint

Last updated 1 year ago

The Network DNA · @thenetworkdna
3 followers · 60 posts · Server mastodon.world

How to Utilize Proofpoint Advanced Threat Protection (ATP) to Strengthen Your Network Security

lnkd.in/gEFFVF4w

#cyberattacks #proofpoint #atp #security #network #securityengineers #networksecurity

Last updated 2 years ago

Djoerd Hiemstra · @djoerd
601 followers · 2983 posts · Server idf.social

I most certainly did, , thanks for messing up the URLs in my email. NOT!

#proofpoint

Last updated 2 years ago

aLFRe‍ · @aLFRe
9 followers · 432 posts · Server mastodon.social

Yrs ago F-Secure reported that threat actor designated as
was targeting military personnel, govt. officials, s and journalists from across and since 2015 Oct. via from previously compromised email accounts
Dubbed by , by and by its biggest success was a and op: a dump of former director
involved in backed campaign

#callistogroup #thinktank #europe #southcaucasus #spearphishing #seaborgium #microsoft #coldriver #google #ta446 #proofpoint #hack #leak #protonmail #mi6 #richarddearlove #brexit #leaveue

Last updated 2 years ago

Sai · @akaSAI
0 followers · 13 posts · Server infosec.exchange

" researchers uncovered on December 6th, 2022, the threat actors employed brand abuse, app and other social engineering tactics to lure users into authorizing malicious apps.

...this malicious campaign includes data exfiltration, brand abuse, and delegated permissions over compromised users’ mailboxes, calendars, and meetings.

Users and organizations should not trust based on the verified publisher status alone.

Organizations are encouraged to use solutions that can automatically detect and revoke malicious third-party OAuth apps from their environments."

The Dangerous Consequences of Actors Abusing Microsoft’s “Verified Publisher” Status

proofpoint.com/us/blog/cloud-s

#proofpoint #impersonation #oauth #apps #cloud #security #threat #threatactors #microsoft #socialengineering #verifiedpublisher #malware

Last updated 2 years ago

Hey InfoSec Mastodon. Does anyone know if Proofpoint finally supports sending aggregate (rua) reports, even if it has to be manually enabled? I'm guessing not. That would cut into their Proofpoint Email Fraud Defense (EFD) revenue.

Proofpoint proudly processes a massive amount of the world's email. By honoring DMARC without sending DMARC aggregate reports (rua), it prevents non-Proofpoint EFD customers from seeing who is impersonating them to Proofpoint customers, which is a danger to everyone, Proofpoint customer or not.

#proofpoint #infosec #dmarc #email #phishing #spoofing #proofpointefd #efd

Last updated 2 years ago

@taco Let me know what they say, if anything. proudly processes a massive amount of the world's email. By not sending DMARC aggregate reports (rua), it prevents non-Proofpoint EFD customers from seeing who is impersonating them to Proofpoint customers, which is a danger to everyone, Proofpoint customer or not.

#proofpoint

Last updated 2 years ago

Unfortunately lots of email services will honor , but won't send any reports back to domain owners. Most notably — likely done just to force their customers to pay for their DMARC analytics service, Email Fraud Defense (). Cisco Ironport can send reports back, but an instance admin needs to enable that.

#proofpoint #efd #dmarc

Last updated 2 years ago

Redhotcyber · @redhotcyber
236 followers · 150 posts · Server mastodon.bida.im

The Nighthawk C2 framework could become an alternative to Brute Ratel and Cobalt Strike

The of have published a report on the C2 framework of . After observing how the framework was used in September 2022, the concluded that might also like Nighthawk.

Nighthawk is developed and marketed by the European company , which offers its customers tools and services for the of the of intruders and testing.

lnkd.in/d32t79qa

#infosecurity #privacy #CyberSecurityNews #cybersecuritytraining #CyberSecurityAwareness #cybercrime #cybersecurity #hacking #dataprotection #ethicalhacking #informationsecurity #redhotcyber #penetration #comportamento #modellazione #MDSec #criminali #ricercatori #nighthawk #proofpoint #esperti

Last updated 2 years ago

Part 1: SocGholish, a very real threat from a very fake update

"SocGholish is a malware variant which continues to thrive in the current information security landscape. By utilizing an extensive variety of stages, eligibility checks, and obfuscation routines, it remains one of the most elusive malware families to date.

SocGholish was observed in the wild as early as 2018. The absence of details surrounding target selection, evasion logic, and specific procedures employed by TA569 and their use of SocGholish in the intermediary phases of infection contributes to this shroud of mystery."

proofpoint.com/us/blog/threat-

#SocGholish #proofpoint #threatintel

Last updated 2 years ago

· @packetsnorter
45 followers · 38 posts · Server ioc.exchange

@bobdobberson AH, yes - if the receiving anti-spam solution is configured to block failed SPF records (depends on the settings for hard and soft fails).

Generally, no = neutral weight, but with advanced anti-spam solutions, you could process mail from domains without SPF differently - e.g. route it through an inspection rule with heavier weights for suspected spam content. For instance, can have VERY complex inspection rules.

But, blocking mail without SPF is not a good idea.

#spf #proofpoint

Last updated 2 years ago

Greetings, time for my !

I’m a security and infrastructure technologist who lives in the Northern California Bay Area and works at . Outside of work, I assist in maintaining open source and am a committer. For my fellow geeks, my favorite protocols are , , and .

When I'm not buried in my laptop, I like to travel and hang out with my partner and our two dogs.

#introduction #proofpoint #sendmail #freebsd #dns #smtp #xmpp

Last updated 2 years ago

Patrick Campbell · @0ne_ca11ed_pat
21 followers · 39 posts · Server mastodon.social

Hello All, late here. I’m Patrick, and into . Dad to 4 kiddos, husband to my beautiful wife. Been in IT for over 10 years. 5 of those now in as a member. Interested in transitioning to and . Working on my currently and always learning and willing to share knowledge on . Will be sharing more once I figure out things here! Happy almost Friday

#introduction #introduceyourself #photography #retropie #videogames #infosec #blueteam #threathunting #pentesting #oscp #microsoft #proofpoint #paloxdr #zscaler

Last updated 2 years ago

Curt Wilson · @CurtWilson
101 followers · 21 posts · Server mastodon.social

Excellent write-up on new Emotet activity to include IcedID. Also, TIL about the malduck module. proofpoint.com/us/blog/threat-

#EMOTETMalware #icedid #proofpoint

Last updated 2 years ago