#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

delete email account | Breaking Cybersecurity News | The Hacker News

Simple Exploit Allows Attackers to Modify Email Content — Even After It's Sent!

Simple Exploit Allows Attackers to Modify Email Content — Even After It's Sent!

Aug 23, 2017
Security researchers are warning of a new, easy-to-exploit email trick that could allow an attacker to turn a seemingly benign email into a malicious one after it has already been delivered to your email inbox. Dubbed Ropemaker (stands for Remotely Originated Post-delivery Email Manipulation Attacks Keeping Email Risky), the trick was uncovered by Francisco Ribeiro, the researcher at email and cloud security firm Mimecast. A successful exploitation of the Ropemaker attack could allow an attacker to remotely modify the content of an email sent by the attacker itself, for example swapping a URL with the malicious one. This can be done even after the email has already been delivered to the recipient and made it through all the necessary spam and security filters, without requiring direct access to the recipient's computer or email application, exposing hundreds of millions of desktop email client users to malicious attacks. Ropemaker abuses Cascading Style Sheets (CSS) and Hyp
Yahoo Disables Email Auto-Forwarding; Making It Harder for Users to Move On

Yahoo Disables Email Auto-Forwarding; Making It Harder for Users to Move On

Oct 11, 2016
Yahoo! has disabled automatic email forwarding -- a feature that lets its users forward a copy of incoming emails from one account to another. The company has faced lots of bad news regarding its email service in past few weeks. Last month, the company admitted a massive 2014 data breach that exposed account details of over 500 Million Yahoo users. If this wasn't enough for users to quit the service, another shocking revelation came last week that the company scanned the emails of hundreds of millions of its users at the request of a U.S. intelligence service last year. That's enough for making a loyal Yahoo Mail user to switch for other rival alternatives, like Google Gmail, or Microsoft's Outlook. Yahoo Mail Disables Auto-Forwarding; Making It Hard to Leave But as Yahoo Mail users are trying to leave the email service, the company is making it more difficult for them to transition to another email service. That's because since the beginning of Octob
Code Keepers: Mastering Non-Human Identity Management

Code Keepers: Mastering Non-Human Identity Management

Apr 12, 2024DevSecOps / Identity Management
Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or
Cybersecurity Resources