Intrusions by Unfurling Hemlock, which is believed to be of Eastern European origin, commence with the delivery of malicious emails with the 'WEXTRACT.EXE' file.
One-quarter of attacks during the first three months of 2024 involved BEC, most of which were in the finance sector, a report from Arctic Wolf revealed.
Attackers could leverage a pair of medium-severity vulnerabilities in the Mailcow open-source mail server software older than version 2024-04 to facilitate arbitrary code execution, account takeovers, and sensitive data access, reports The Hacker News.
By leveraging AI, teams can end the black hole and more efficiently manage user-reported phishing emails and even explain to users the specifics of their case.