Cybercriminals Deploy FOG Ransomware Disguised as DOGE via Malicious Emails https://gbhackers.com/cybercriminals-deploy-fog-ransomware-disguised-as-doge/ #CyberSecurityNews #cybersecurity #Ransomware #Email

I have a correspondence who sends me email that, instead of normal encoding, uses base64 encoded email.

It crashes two of my email clients.

Genuine madness.

Bleeping Computer: Phishers abuse Google OAuth to spoof Google in DKIM replay attack. “In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google’s systems, passing all verifications but pointing to a fraudulent page that collected logins. The attacker leveraged Google’s infrastructure to trick recipients into accessing […]

https://rbfirehose.com/2025/04/21/bleeping-computer-phishers-abuse-google-oauth-to-spoof-google-in-dkim-replay-attack/

Tuta (@tutaprivacy.bsky.social)

https://bsky.app/profile/tutaprivacy.bsky.social/post/3lndbb5of322f

> We #opensource - as much as we dislike #Google Break free from Big Tech tracking, go secure! https://tuta.com/blog/open-source-email-fdroid #foss #fdroid #android #email #calendar

We #opensource - as much as we dislike #Google

Break free from Big Tech tracking, go secure!

https://tuta.com/blog/open-source-email-fdroid

It's 2025... so why are obviously malicious advertising URLs still going strong?

In 2025, a phishing email containing a malicious link redirected through Google Ads was received by the Internet Storm Center. The link led to a credential-stealing page hosted on a dynamic DNS service. Despite being clearly fraudulent and detected by VirusTotal, the ad redirect remained active for over a week. The article questions why major ad providers like Google aren't implementing basic security measures to prevent such obvious threats. It suggests that ad companies should filter out links to domains unsuitable for legitimate ads and regularly check landing pages for malicious content. The author argues that this should be the minimum expected from ad providers in 2025, especially given the availability of AI and tools like VirusTotal for threat detection.

Pulse ID: 680630cf7d432f84fd61b71b
Pulse Link: https://otx.alienvault.com/pulse/680630cf7d432f84fd61b71b
Pulse Author: AlienVault
Created: 2025-04-21 11:49:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

FOG Ransomware Spread by Cybercriminals Claiming Ties to DOGE

An investigation of nine malware samples revealed FOG ransomware being distributed by cybercriminals impersonating the Department of Government Efficiency (DOGE). The ransomware, spread via email and phishing attacks, is concealed in a ZIP file named 'Pay Adjustment.zip'. The infection chain involves a multi-stage operation, downloading various scripts and executables. The ransomware checks for sandbox environments, decrypts its payload, and drops a ransom note. FOG ransomware has targeted multiple sectors, including technology, education, manufacturing, and transportation. The campaign either involves original FOG operators using DOGE references to troll users or other actors embedding FOG ransomware for impersonation purposes.

Pulse ID: 68063d6f5beb7958a54e2952
Pulse Link: https://otx.alienvault.com/pulse/68063d6f5beb7958a54e2952
Pulse Author: AlienVault
Created: 2025-04-21 12:43:27

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

Soy usuario de Protonmail desde sus inicios, cuando estaba en beta.

Con el tiempo también fui usuario premium de Protonmail y ProtonVPN, y actualmente sigo siendo cliente premium de Protonmail, hasta octubre de este año.

Aposté por Protonmail porque me convenció su postura respecto a la protección de los datos de los usuarios. En seguridad informática, cuando se utilizan servicios externos, todo pasa por la confianza, y eso es una decisión personal de la que debe responsabilizarse cada unx.

Con el paso del tiempo he notado cambios, tanto en lo tecnológico como en sus políticas y acciones que me llevaron a decidir abandonar sus servicios.

Más allá del precio, que es bastante exorbitante para usuarios de Argentina, y que ciertas características del servicio estén detrás de ese paywall, los recursos necesarios para poder acceder a UNA CUENTA DE MAIL, son ridículos.

La web es cada vez más lenta y sobrecargada y no veo que tanta tecnología e innovación haya agregado ningún valor a mi experiencia.

La aplicación Proton Bridge, que es una de esas cosas que está detrás del paywall, y que debería ser un servicio mínimo que hace de puente entre el cliente de correo y el servidor de Proton, requiere 2GB de RAM para funcionar. Es indignante.

La migración a otro servicio de mail es un trámite altamente complejo y potencialmente problemático para cualquier persona con una actividad en Internet tan activa como la mia, pero no es la primera vez que lo haya hecho, y probablemente no sea la última.

FairEmail is by far the best Android email app I've tried, and is inexplicably missing from all the "best Android email clients in 2025" lists.

https://email.faircode.eu/

How to set up and maintain your own mail server. With well-maintained instructions and recommendations on a variety of topics, pertinent to how modern #email services work, and how you can master your own
https://workaround.org/ Focused on #Debian 12, but most of it would be quite similar for other #Linux distros

How to Install #Mailwizz on #cPanel #VPS Server This article provides a guide for how to install MailWizz on cPanel VPS server.
What is MailWizz?
MailWizz is a self-hosted #email marketing software that allows businesses and marketers to create, send, and manage email campaigns efficiently. It is a powerful alternative to cloud-based email marketing platforms like Mailchimp, Sendinblue, or GetResponse, but with the advantage of ...
Continued https://blog.radwebhosting.com/how-to-install-mailwizz-on-cpanel-vps-server/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost #mailserver #vpsguide

#DontForget... #TheBIGEvent is #ComingUp...

#ForScience and #Technology, #Engineering and #Mathematics...

With #EMail - what an #Innovation...?!

​ | ​

Mayor Satya Rhodes-Conway cuts the ceremonial ribbon at the Highway 30 bridge opening | Harald Kliems

Welcome to the Madison Bikes newsletter. We have a lot of events coming up, so read on to learn about them!

Advocacy Event @ Machinery Row

This Wednesday from 7-8:30pm at Machinery Row, Madison Bikes is partnering with WI Bike Fed to host Driving Federal Bike Safety Legislation, an event […]

https://www.madisonbikes.org/2025/04/spring-into-action-advocacy-and-adventure/

Meine Datenschutz und Privatsphäre Übersicht 2025, für Jedermann

Teilen er­be­ten

als PDF:

https://cryptpad.digitalcourage.de/file/#/2/file/iLDoTt03wkGUL3dA39ScX6hV/

 #DSGVO #TDDDG ( #unplugtrump )
#Datenschutz #Privatsphäre #sicherheit #Verschlüsselung
#encryption #WEtell #SoloKey #NitroKey #Email #Cybersecurity #Pixelfed #Massenűberwachung
#Google #Metadaten #WhatsApp #Threema #Cryptpad #Signal
#Hateaid #Cyberstalking #Messenger #Browser #Youtube #NewPipe #Chatkontrolle #nichtszuverbergen #ÜberwachungsKapitalismus #Microsoft #Apple #Windows #Linux #Matrix #Mastodon #Friendica #Fediverse #Mastodir #Loops #2FA #Ransomware #Foss #VeraCrypt #HateAid #Coreboot #Volksverpetzer #Netzpolitik #Digitalisierung #FragdenStaat #Shiftphone  #OpenSource #GrapheneOS #CCC #Mail #Mullvad #PGP #GnuPG #DNS #Gaming #linuxgaming #Lutris #Protondb #eOS #Enshittification
#Bloatware #TPM #Murena  #LiberaPay #GnuTaler #Taler #PreppingforFuture
#FediLZ #BlueLZ #InstaLZ #ThreatModel
#FLOSS #UEFI #Medienkompetenz

I interpret the following

Apr 20 18:38:09 skapet spamd[52874]: (GREY) 117.53.153.22: <> -> <spfilter-2.sel01.mschosting.com-1745167076-testing@ehtrib.org>

As a sign there are still, er, individuals out there who think SMTP callbacks were a good idea.

Please have them read "Twenty-plus years on, SMTP callbacks are still pointless and need to die" (2017) https://nxdomain.no/~peter/twenty-plus_years_on_smtp_callbacks_are_still_pointless.html

It’s time for my favorite Eastertide newsletter, “Market Analysis of CPU Fan Cooling [chinese lettering]”

Was wondering if anyone knows this MTA (Stalwart) or has experiences with it. Found it totally randomly, never heard of it before despite knowing quite a bit about mail subsystems, and if the docs are correct, it's the kind of too-good-to-be-true software. Pure Rust and brings everything onboard (at least I) need.

https://github.com/stalwartlabs/mail-server

I have like 5 accounts that I can’t use my personal e-mail for so I’m looking to find a GMail alternative for them to continue my journey to be 100% off Google products.

Does any email provider (paid or free) offer the same level of deliverability, uptime, and have something similar to Google’s Advanced Protection Program (https://landing.google.com/intl/en_us/advancedprotection/)?

Just launched: [@fuck.it] – the boldest email you’ll ever own.
Private. Ad-free. Invite-only. Backed by artists. Built for rebels.
Now live on https://crowdfundr.com/d2XmQ2

Support, boost, or grab yourname@fuck.it while it lasts.