New Russia-affiliated actor Void Blizzard targets critical sectors for espionage

Void Blizzard, a newly identified Russia-affiliated threat actor, has been conducting global cyberespionage operations since April 2024. Their primary targets are organizations in critical sectors, particularly in NATO member states and Ukraine, including government, defense, transportation, media, NGOs, and healthcare. The group employs tactics such as using stolen credentials, likely obtained from commodity infostealer ecosystems, and recently evolved to include targeted spear phishing for credential theft. Despite using unsophisticated techniques, Void Blizzard has been effective in gaining access and collecting large volumes of emails and files from compromised organizations. Their activities pose a significant risk to NATO member states and allies of Ukraine.

Pulse ID: 6835955789329a0d9f2f521c
Pulse Link: https://otx.alienvault.com/pulse/6835955789329a0d9f2f521c
Pulse Author: AlienVault
Created: 2025-05-27 10:35:03

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

@jwildeboer's recent thread about his CA co-op idea inspired me to write down some thoughts on email encryption.

https://weddige.eu/en/articles/lets-encrypt-emails/

Stalwart 0.12 is here: Free mail server brings support for calendar and contacts

The open source mail server Stalwart now natively supports contacts and calendars. The developers want to use this to expand it into a collaboration platform.

https://www.heise.de/en/news/Stalwart-0-12-is-here-Free-mail-server-brings-support-for-calendar-and-contacts-10403990.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

Stalwart 0.12 ist da: Freier Mailserver bringt Support für Kalender und Kontakte

Der quelloffene Mailserver Stalwart unterstützt jetzt nativ Kontakte und Kalender. Damit wollen die Entwickler ihn zu einer Kollaborationsplattform ausbauen.

https://www.heise.de/news/Stalwart-0-12-ist-da-Freier-Mailserver-bringt-Support-fuer-Kalender-und-Kontakte-10399985.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

_European email providers

https://european-alternatives.eu/category/email-providers

An email provider provides its users with an e-mail address and the corresponding mailboxes. Most e-mail providers also provide a webmail interface in which the user can read and send e-mails in the browser.

This category contains services from companies based in a member state of the European Union (EU), the European Economic Area (EEA) and the European Free Trade Association (EFTA).

___

Just out of curiosity, what is the oldest #email you still have in your archive/inbox? I think mine is around '94 or '95 when I created an email on #Yahoo coming from an old #BBS email service.

#AI #gov #email #privacy #SiliconValley

'Mountain View-based company GovernmentGPT filed 90 California Public Records Act requests with multiple cities across the Bay Area for emails from residents addressed to mayors, councilmembers and city clerks from 2020 to 2023. The goal is to create an artificial intelligence tool that can easily summarize a resident’s thoughts based on public comments.'

https://sanjosespotlight.com/silicon-valley-cities-hit-with-request-for-resident-emails-to-train-ai/

The Verge: Microsoft blocks emails that contain ‘Palestine’ after employee protests. “Microsoft employees have discovered that any emails they send with the terms ‘Palestine’ or ‘Gaza’ are getting temporarily blocked from being sent to recipients inside and outside the company.”

https://rbfirehose.com/2025/05/26/the-verge-microsoft-blocks-emails-that-contain-palestine-after-employee-protests/

I received an "important email" from #Dreamhost about my domain registration. You'd think that #email security would be paramount for them.

They have no DKIM setting, so it's impossible to see if the email was tampered with in transit and if it was sent by the claimed sender. And, their DMARC policy is p=none, which tells email providers, "don't do anything special if you can't verify me".

Their dreamhostregistry.com domain is wide open for spoofing because they've configured it to be wide open for spoofing.

How can a web hosting company be so lax about email security? How can I trust emails they send to me if I have no assurance they sent it, and it wasn't modified in transit?

Greenbelt, mandate letter emails unearthed on Ford government staffers’ personal accounts
The emails, turned over to the Ontario NDP as part of a freedom of information appeal, show staff discussing the Greenbelt and mandate letters on their personal accounts.
#politics #government #email #law #Ontario #Fordgovernment
https://globalnews.ca/news/11194475/ford-staffer-personal-email-unearthed/

Your guide to moving away from Gmail and finding a new email service!

Credits: @PurchaseWithPurpose

#privacy #email #opensource #ethicaltech #infosec #degoogle #foss #digitalsovereignty #protonmail #tutanota #surveillancecapitalism #bigtech #techforgood

ARTISTS & NEWSLETTERS — AN OPEN SOURCE DIRECTORY

Artists and musicians are moving away from social media and towards newsletters.

This open source list will help you find and discover these newsletters.

HELP OUT

Please add your own and your favourites to the list so we can grow this and have an easier time staying in touch with newsletters.

Add an entry by following the instructions in the post.

Plz boost!

#newsletters #beyourownplatform #email

https://hyaline.systems/blog/directory-of-artist-and-musician-newsletters/

#spam #email #racism #Ring

"Over the weekend, numerous social media users reported receiving the emails from the official ring.com domain at 'verify.ring.com.' The emails were meant to confirm that the user has signed up for Ring’s online service, but names in the email were changed to a racist slur. "

https://www.pcmag.com/news/did-amazon-ring-just-send-me-a-racist-email

PC Magazine: Did Ring Just Send Me a Racist Email?. “Over the weekend, numerous social media users reported receiving the emails from the official ring.com domain at ‘verify.ring.com.’ The emails were meant to confirm that the user has signed up for Ring’s online service, but names in the email were changed to a racist slur. “

https://rbfirehose.com/2025/05/25/pc-magazine-did-ring-just-send-me-a-racist-email/

Configure Postfix MTA for Use with #Mastodon Effortlessly (Effortless 5 Minute Guide) This article describes how to configure Postfix MTA for use with Mastodon server. Admins who self-host their Mastodon instances can easily configure Postfix MTA (possibly even to do so using the same VPS server) to handle the #email services.
What is Postfix?
Postfix is a popular open-source ...
Continued https://blog.radwebhosting.com/configure-postfix-mta-for-use-with-mastodon-effortlessly-effortless-5-minute-guide/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost #opensource #selfhosting #mailrelay #selfhosted #mailserver #mailtransferagent

So, I am creating a new #pgp key for my #email, is "RSA" #encryption still the way to go? I noticed #GPG's default is "ECC" now

Thanks in advance!

Finally got around to setting up a self-hosted mail server. In the end I went with Stalwart for it's Rust-y all-in-oneness and relatively simple configuration (including NixOS module).

It spat out the required DNS entries for SPF, DKIM and DMARC, I added them to my test domain with @beasts and carried out some tests with Fastmail, GMail and Outlook.

I checked the @aaisp IPs I'd picked hadn't made it on to any block lists.

And it just works! No issues with delivery so far.

#privacy #infosec #email

Microsoft blockiert E-Mails seiner Mitarbeiter.innen!

#EMail-#Blockade bei #Microsoft Microsoft-Mitarbeitende berichten, dass E-Mails mit Begriffen wie „#Palästina“, „#Gaza“ oder „#Genozid“ intern wie extern vorübergehend blockiert werden.

#ZensurVorwürfe von #Protestgruppe Die Gruppe „No Azure for Apartheid“ kritisiert dies als gezielte Einschränkung der Meinungsfreiheit und Diskriminierung palästinensischer Angestellter. (1/2)

Overkill. With many receivers treating no SPF as a blanket '-all' it does very little to make it explicit.

However, if you really feel that you must give SPF records to every subdomain, make sure to also give them null MX records to drive the point home that the subdomain is not for #email.

#InfoSec #EmailSecurity https://infosec.exchange/@ais_security/114556032057865718