| 01-07-2025 |
Proofpoint Exposes Phishing via Fake Unsubscribe Links |
Cybersecurity |
Proofpoint’s Threat Insight reveals cybercriminals are using deceptive unsubscribe links in marketing emails to direct users to fake authentication pages that harvest credentials. The report also highlights overlapping tactics between threat actors TA829 and UNK_GreenSec, who share infrastructure and deploy malware like TransferLoader, blurring lines between espionage and cybercrime. These phishing campaigns employ spoofed OneDrive links and compromised routers to bypass detection. Always verify links before clicking to safeguard your information. |
|
| 26-06-2025 |
Proofpoint Human Risk Explorer Enhances Cybersecurity Precision |
Feature |
Proofpoint Human Risk Explorer, integrated into Proofpoint’s Prime Threat Protection and DLP solutions, offers a unified view of user risk by analyzing threat activity, data exposure, and behavior signals. It identifies high-risk users, explains risk drivers, and provides actionable recommendations to optimize security efforts. This tool helps organizations move from reactive to proactive defense, maximizing the value of existing security investments. Learn more about elevating your security strategy at Proofpoint’s website. |
|
| 24-06-2025 |
Proofpoint Exposes TA397’s India-Linked Espionage Tactics |
Cybersecurity |
Proofpoint’s in-depth analysis reveals TA397, likely an India-backed espionage group, targets European and Asian entities with interests in China and Pakistan. Using spearphishing and scheduled tasks, TA397 deploys malware like BDarkRAT, leveraging Let’s Encrypt certificates and Indian Standard Time-aligned operations. The group’s campaigns, detailed in a two-part series with Threatray, show sophisticated lures mimicking diplomatic entities. Read the full report at Proofpoint’s blog for critical industry insights. |
|
| 18-06-2025 |
Proofpoint Protect 2025 Showcases AI-Driven Cybersecurity |
Tech Events |
Proofpoint Protect 2025, held September 22-24 at Gaylord Opryland Resort in Nashville, offers cybersecurity leaders hands-on labs, certifications, and insights into AI-driven, human-centric security. Attendees can explore actionable strategies, network with peers, and engage in over 45 technical sessions to combat evolving threats. Early-bird registration at $495 ends June 30, with team discounts available. Secure your spot to gain industry insights and bolster credentials. |
|
| 16-06-2025 |
TeamFiltration Fuels Large-Scale Entra ID Takeover |
Cybersecurity |
Proofpoint’s research reveals UNK_SneakyStrike, an account takeover campaign targeting over 80,000 Microsoft Entra ID accounts using the TeamFiltration pentesting tool. Since December 2024, attackers have exploited Microsoft Teams API and AWS servers for user enumeration and password spraying, accessing apps like Teams, OneDrive, and Outlook. The campaign’s distinct user agent and OAuth client IDs serve as key indicators of compromise. Organizations should monitor these indicators and enable multi-factor authentication to enhance security. |
|
| 09-06-2025 |
Proofpoint Reveals Social Engineering in 25% of APT Campaigns |
Reports |
Proofpoint’s Human Factor 2025 report highlights how cyberattackers exploit human psychology, with 25% of advanced persistent threat (APT) campaigns relying on pure social engineering tactics like business email compromise and phishing. The report notes a 50% surge in advanced fee fraud, while over 90% of these campaigns use benign conversation techniques to deceive users. Extortion-based email fraud has declined by nearly 70%, emphasizing the shift toward sophisticated social engineering. Proofpoint recommends personalized security awareness training to transform people into a robust defense. Explore the full findings at Proofpoint’s website. |
|
