Wilmington, United States, September4th, 2025, CyberNewsWire: Veteran email security leader to expand MSP and VAR partnerships and accelerate DMARC adoption. Sendmarc today announced the appointment of Rob Bowker as North American Region Lead. Bowker will oversee regional expansion with a focus on growing the Managed Service Provider (MSP) partner community, developing strategic Value-Added Reseller (VAR) […]
Wilmington, United States, September4th, 2025, CyberNewsWire: Veteran email security leader to expand MSP and VAR partnerships and accelerate DMARC adoption.
Sendmarc today announced the appointment of Rob Bowker as North American Region Lead.
Bowker will oversee regional expansion with a focus on growing the Managed Service Provider (MSP) partner community, developing strategic Value-Added Reseller (VAR) partnerships, and broadening the enterprise customer base.
Bowker brings more than two decades of experience in email infrastructure, deliverability, and security.
He has helped organizations implement and scale Domain-based Message Authentication, Reporting and Conformance (DMARC), Sender Policy Framework (SPF), and DomainKeys Identified Mail (DKIM) to protect email ecosystems and improve deliverability.
In his new role, Bowker will lead Sendmarc’s North American growth by forging partner-led routes to market and accelerating DMARC adoption across enterprise and mid-market organizations, while empowering MSPs with tools to protect small and medium-sized businesses (SMBs).
He will also expand the regional team to execute the company’s partner-first strategy.
“What excites me most about Sendmarc is our ability to pair an enterprise-class platform with a globally distributed team of experts. Customers don’t just get the best DMARC platform – they get support that spans time zones, cultures, and perspectives. I’m looking forward to helping Sendmarc accelerate growth across North America, working alongside MSPs, resellers, and enterprises to strengthen email security where it’s needed most,” said Bowker.
“Rob’s knowledge of the email and DMARC landscape and his ability to turn strategy into execution make him an invaluable leader for our North American operations,” said Jason Roos, Chief Sales Officer at Sendmarc.
“We’re excited to see the impact he’ll make as he continues building strong relationships with our partners and customers.”
About Sendmarc
Sendmarc is a global leader in safeguarding email communications through DMARC. Built with a partner-first approach, its platform empowers MSPs and VARs to deliver trusted protection against impersonation, phishing, and other email-based threats.
In addition to preventing fraud, Sendmarc improves email deliverability, ensuring legitimate business communications reach their intended recipients.
Trusted by partners worldwide, Sendmarc provides the tools and expertise needed to help customers achieve full DMARC compliance quickly and effectively.
A newly identified hacking group, dubbed “GhostRedirector” by cybersecurity researchers, has compromised at least 65 Windows servers across the globe, deploying custom malware designed to manipulate search engine results for financial gain.
According to a new report from ESET, the threat actor utilizes a malicious module for Microsoft’s Internet Information Services (IIS) to conduct a sophisticated SEO fraud scheme, primarily benefiting gambling websites.
The attacks, which have been active since at least August 2024, employ two previously undocumented custom tools: a passive C++ backdoor named “Rungan” and a malicious native IIS module called “Gamshen.”
While Rungan provides the attackers with the ability to execute commands on a compromised server, Gamshen is the core of the operation, designed to provide “SEO fraud as-a-service.”
GhostRedirector Hacks Windows Servers
Researchers explain that Gamshen functions by intercepting web traffic on the infected server. The module is specifically configured to activate only when it detects a request from Google’s web crawler, Googlebot.
For regular visitors, the website functions normally. However, when Googlebot scans the site, Gamshen modifies the server’s response, injecting data from its own command-and-control server.
GhostRedirector Hackers Compromise Windows Servers
This technique allows the attackers to create artificial backlinks and use other manipulative SEO tactics, effectively hijacking the compromised website’s reputation to boost the page ranking of a target website.
ESET believes the primary beneficiaries of this scheme are various gambling websites targeting Portuguese-speaking users. ESET researchers have attributed the campaign with medium confidence to a previously unknown, China-aligned threat actor.
This assessment is based on several factors, including the use of a code-signing certificate issued to a Chinese company, hardcoded Chinese language strings within the malware samples, and a password containing the Chinese word “huang” (yellow) used for rogue user accounts.
The victimology indicates an opportunistic approach rather than a targeted campaign against a specific industry.
Compromised servers span sectors such as healthcare, retail, transportation, education, and technology, with the majority located in Brazil, Thailand, and Vietnam.
Additional victims were identified in the United States, Peru, Canada, and parts of Europe and Asia.
GhostRedirector Hackers Compromise Windows Servers
GhostRedirector’s attack chain begins with what is believed to be an SQL injection vulnerability for initial access. Once inside, the attackers use PowerShell or CertUtil to download their arsenal from a staging server.
To gain full control, they employ publicly known privilege escalation exploits like “EfsPotato” and “BadPotato” to create new administrator-level user accounts on the server.
These rogue accounts provide persistent access, ensuring the attackers can maintain control even if their primary backdoors are discovered and removed.
The group’s toolkit also includes other custom utilities, such as “Zunput,” a tool that scans the server for active websites and drops multiple webshells to provide alternative methods of remote access.
The shared code libraries and infrastructure across these tools allowed ESET to cluster the activity and attribute it to a single group.
While the immediate impact on website visitors is minimal, participation in the SEO fraud scheme can severely damage the compromised host’s reputation by associating it with black-hat SEO tactics.
Find this Story Interesting! Follow us on Google News, LinkedIn, and X to Get More Instant Updates.
Armis Labs has uncovered ten critical security flaws collectively named “Frostbyte10” in Copeland’s E2 and E3 building management controllers. These devices, which handle refrigeration, HVAC, lighting, and other essential functions, could allow remote attackers to execute code, change settings, disable systems, or steal sensitive data. A firmware update is available now, and affected organizations are […]
A new cyber-attack, dubbed “Grokking,” is exploiting features on the social media platform X to spread malicious links on a massive scale.
Scammers are manipulating the platform’s advertising system and its generative AI, Grok, to bypass security measures and amplify harmful domains. This technique turns X’s own tools into unwilling accomplices in a widespread malvertising scheme.
According to GuardioSecurity researcher Nati Tal, the attack begins with malware promoting “video card” posts, which often use explicit or sensational “adult” content to lure users.
While X’s policies aim to combat malvertising by disallowing links in promoted content, these attackers have found a critical loophole.
The malicious link is not placed in the main body of the post but is instead embedded in the small “From:” field located beneath the video player.
X’s automated security scans seem to miss this area. As a result, posts can spread widely and get anywhere from 100,000 to over 5 million paid impressions.
The second stage of the attack leverages the platform’s AI assistant, Grok. Curious users, seeing the often anonymous and intriguing videos, frequently turn to Grok to ask for the source.
In its effort to provide a helpful answer, the AI scans the post for information and extracts the domain name from the “From:” field.
Grok then presents this malicious link directly to the user in its reply. For instance, when asked about a video’s origin, Grok has been observed responding with links to suspicious domains, Nati Tal said.
This process effectively “Grokks” the malicious link, not only delivering it to inquisitive users but also amplifying its visibility and perceived legitimacy.
By having the platform’s own AI reference the domain, the scammers may benefit from enhanced SEO and a strengthened reputation for their harmful sites, making them seem more trustworthy to unsuspecting users.
Find this Story Interesting! Follow us on Google News, LinkedIn, and X to Get More Instant Updates.
Microsoft has officially acknowledged a significant User Account Control (UAC) bug that is causing widespread installation issues across Windows 10 and Windows 11 systems. The problem stems from a security update released in August 2025 and affects millions of users attempting to install or repair applications. The Core Issue The bug emerged following Microsoft’s August 2025 […]
Cybersecurity researchers have flagged a new technique that cybercriminals have adopted to bypass social media platform X’s malvertising protections and propagate malicious links using its artificial intelligence (AI) assistant Grok.
The findings were highlighted by Nati Tal, head of Guardio Labs, in a series of posts on X. The technique has been codenamed Grokking.
The approach is designed to
The French data protection authority has fined Google and Chinese e-commerce giant Shein $379 million (€325 million) and $175 million (€150 million), respectively, for violating cookie rules.
Both companies set advertising cookies on users’ browsers without securing their consent, the National Commission on Informatics and Liberty (CNIL) said. Shein has since updated its systems to comply with
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, noting that there is evidence of them being exploited in the wild.
The vulnerabilities in question are listed below –
CVE-2023-50224 (CVSS score: 6.5) – An authentication bypass by spoofing vulnerability
A significant outage of Google services, including its search engine, Gmail, and YouTube, has affected users across Turkey and several countries in Eastern Europe.
The disruption, which began on Thursday morning, also impacted other popular platforms such as Google Maps, Drive, and Analytics.
Monitoring websites like Downdetector confirmed widespread service interruptions, with a spike in user reports around 10:00 a.m. local time in Turkey (07:00 GMT).
The outage was most heavily concentrated in Southeastern Europe, affecting countries such as Greece, Bulgaria, Romania, Serbia, Croatia, and Georgia.
Intermittent disruptions were also reported in other parts of Europe, including Germany, the Netherlands, Ukraine, and Russia, as well as in some U.S. cities like New York and Chicago.
The service disruption lasted for nearly two hours, with access gradually being restored for some users later in the morning.
During the outage, many websites that rely on Google Ads appeared without advertisements, and professional services like Google Analytics experienced significant slowdowns.
Reports of service disruptions began to spike dramatically around 2:10 AM EST, according to data from Down Detector, a popular outage-tracking website.
The concentration of reports suggests the problem is particularly acute on the East and West Coasts of the United States.
The sudden disruption has sent ripples across the internet, underscoring the world’s deep reliance on Google’s infrastructure. For millions, the outage has ground productivity to a halt and cut off primary channels of communication.
Social media platforms are awash with users sharing their frustration, with many echoing the sentiment that without Google, they feel disconnected from the digital world.
Το blog ΣΥΓΚΟΙΝΩΝΙΑΚΑ ΝΕΑ δεν είναι προσβάσιμο, επειδή ¨'επεσε" η google και όλες οι υπηρεσίες της (gmail, youtube, blogger κ.α.), σε μεγάλο μέρος της ΝΑ Ευρώπης και την Τουρκία. Google servises (as blogger) is down in Turkey and SE Europe.#google#downpic.twitter.com/qSRQHHG9Og
A map shared by the users illustrated the extent of the outage, showing large parts of Turkey and Southeastern Europe as the most affected regions. As of now, Google has not released an official statement regarding the cause of the disruption.
This story is developing, and we will provide updates as more information becomes available.
Find this Story Interesting! Follow us on Google News, LinkedIn, and X to Get More Instant Updates.
