Cyber Risk Index report highlights elevated risk as organizations struggle with visibility.

**DALLAS, Nov. 21, 2022 /PRNewswire/** — Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today announced that 32% of global organizations have had customer records compromised multiple times over the past 12 months as they struggle to profile and defend an expanding attack surface.

The findings come from Trend Micro's semi-annual _Cyber Risk Index_ (CRI) report, compiled by the Ponemon Institute from interviews with over 4,100 organizations across North America, Europe, Latin/South America, and Asia-Pacific.

Customer records are at increased risk as organizations struggle to profile and defend an expanding attack surface.

**Jon Clay, VP of threat intelligence at Trend Micro**: "You can't protect what you can't see. But with hybrid working ushering in a new era of complex, distributed IT environments, many organizations are finding it difficult to eradicate growing security coverage and visibility gaps. To avoid the attack surface spiraling out of control, they need to combine asset discovery and monitoring with threat detection and response on a single platform."

The CRI calculates the gap between organizational preparedness and the likelihood of being attacked, with -10 representing the highest level of risk. The global CRI index moved from –0.04 in 2H 2021 to –0.15 in 1H 2022, indicating a surging level of risk over the past six months.

This trend is also reflected elsewhere in the data: the number of global organizations experiencing a "successful" cyber-attack increased from 84% to 90% over the same period. Unsurprisingly, the number now expected to be compromised over the coming year has also increased from 76% to 85%.

Some of the top preparedness risks highlighted by the index report are related to attack surface discovery capabilities. It is often challenging for security professionals to identify the physical location of business-critical data assets and applications.

From the business perspective, the biggest concern is the misalignment between CISOs and business executives. Based on the scores given by the respondents, "My organization's IT security objectives are aligned with business objectives" only has a score of 4.79 out of 10.

By addressing the shortage of cybersecurity professionals and improving security processes and technology, organizations will significantly reduce their vulnerability to attacks.

Dr. Larry Ponemon, chairman and founder of Ponemon Institute: "The CRI continues to provide a fascinating snapshot of how global organizations perceive their security posture and the likelihood of being attacked. The stakes couldn't be higher in the face of stiff macroeconomic headwinds. Respondents pointed to the high cost of outside expertise, damage to critical infrastructure, and lost productivity as the main negative consequences of a breach."

To read a full copy of the latest _Cyber Risk Index,_ please visit: www.trendmicro.com/cyberrisk

Overall, respondents rated the following as the top cyber threats in 1H 2022:

1.  Business Email Compromise (BEC)
2.  Clickjacking
3.  Fileless attacks
4.  Ransomware
5.  Login attacks (Credential Theft)  
    

**About Trend Micro  
**Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world. www.TrendMicro.com.

SOURCE: Trend Micro Incorporated

A Third of Global Organizations Were Breached Over Seven Times in the Past Year

Threat actors are becoming only more sophisticated and determined.

Current approaches to managing operations and security made sense at the time they were established, pre-cloud and pre-digital transformation. Now, with networked multicloud environments, both digital operations and security are far more complex. And even in the digital world, people and teams want to protect their turf. According to IBM's most recent cyber-resilience report, the top three reasons why cyber resiliency has not improved are:

1.  Inability to reduce silo and turf issues
2.  Fragmented IT and security infrastructure
3.  Lack of visibility into applications and data assets

These are all operational issues.

Operations has been fragmented, with responsibilities scattered across lines of business, including IT, finance, sales and marketing, DevOps, and SecOps. Chief information officers (CIOs) scramble to make sure information is available to those who need it while trying to stay compliant with business and data policies. Meanwhile, chief information security officers (CISOs) focus on protecting assets and data from loss and threats across the entire business. All organizations face a daily flood of data across the multitude of tools and systems they rely on to run their businesses — and yet that data is siloed too.

At the same time, threat actors are increasingly sophisticated and determined. Ransomware is practically a legitimate business — perpetrators have "customer" help desks and arrange payment terms for their victims. Adding tools and people to address security doesn't scale and can no longer solve operational and security issues effectively. The status quo of siloed operations is just not sustainable.

According to IBM's research, the average midsize enterprise runs more than 45 security tools — and that's not to mention those for monitoring applications, the network, and cloud operations. Most are designed for a unique function, which they may do exceedingly well. But together, they can become a management nightmare or be ignored, which is a shame, since their data is valuable. It doesn't make sense to have so many tools yet limit data you ingest — and you also need that data over time to discover potential issues before damage occurs.

**Security and Operations Must Join Forces**

It's time to think differently about approaching both operational integrity _and_ security. Start by considering what ops and security organizations have in common:

1.  **Availability:** Ops is responsible for ensuring business systems and information are available to all who need access. Security teams are responsible for ensuring the right data is available to the right people at the right times on the right devices.
2.  **Risk:** The ops view of risk focuses on keeping everything up and running to avoid downtime and poor performance that kill business productivity and efficiency. Security organizations view risk in terms of data loss, manipulation, and damage to the business.

What if digital operations and security shifted from operating separately — working in silos, managing a lot of tools, duplicating efforts — to working together on a shared data and analytics platform? And what if that platform made them more effective at delivering on their common objectives of providing availability across infrastructure and assets while reducing risk?

Digital ops and security share a common goal of keeping the business operating securely at optimal capacity. To succeed in this shared mission, you need to create a cohesive "digital + security" approach, supported by a team that collaborates and optimizes the resources at hand — both human and machine.

**Security and Operations Need a Common Operational Picture**

For many companies, the cost of running operations takes a disproportionate share of budgets, leaving less to spend on innovation and growth. And it's not helping reduce risk (of downtime or breaches). The only solution is to accelerate digital transformation by shifting focus from worrying about risk to preventing it. And the only way to do that is converging _all_ your operations and security data into a common platform.

Merging ops and security with an information-sharing platform enables fully secured, reliable, and convenient enterprise operations.

By ingesting and analyzing all your operational and security data, you can ultimately derive a common operational picture (COP). From there, you need to connect the dots across ops and security data to gain the context and intelligence necessary to successfully manage risk. Applying advanced analytics and machine learning, organizations can then identify pre-incident situations, rank them by business risk, and correlate them with sufficient context for proactive resolution. 

Ops and security can 100% work together. By doing so, CISOs and CIOs gain insights and can prove damage avoided — which means they can show "goals saved" and quantify value.

Better Together: Why It's Time for Ops and Security to Converge

A 500-page document reviewed by WIRED shows that Corellium engaged with several controversial companies, including spyware maker NSO Group.

Corellium, a cybersecurity startup that sells phone-virtualization software for catching security bugs, offered or sold its tools to controversial government spyware and hacking-tool makers in Israel, the United Arab Emirates, and Russia, and to a cybersecurity firm with potential ties to the Chinese government, according to a leaked document reviewed by WIRED that contains internal company communications.

The 507-page document, apparently prepared by Apple with the goal of using it in the company’s 2019 copyright lawsuit against Corellium, shows that the security firm, whose software lets users perform security analysis using virtual versions of Apple’s iOS and Google’s Android, has dealt with companies that have a track record of selling their tools to repressive regimes and countries with poor human rights records.

According to the leaked document, Corellium in 2019 offered a trial of its product to NSO Group, whose customers have for years been caught using its Pegasus spyware against dissidents, journalists, and human rights defenders. Similarly, Corellium’s sales staff offered to provide a quote to purchase its software to DarkMatter, a now-shuttered cybersecurity company with ties with the UAE government that hired several former US intelligence members who reportedly helped it spy on human rights activists and journalists. 

In correspondence with WIRED, Corellium says NSO Group and Dark Matter had access to “a limited time/limited functionality trial version of Corellium's software” and that both were later denied requests to purchase the full version following its vetting process. 

For years Corellium has painted itself as a crucial defender against software bugs on Android and iOS. But the leaked document shows that Corellium worked with several companies that use bugs and exploits to hack into cell phones, as opposed to helping Google and Apple patch vulnerabilities.

The document includes emails between Corellium staff and customers or potential customers, including NSO Group and DarkMatter. The document is not public and is being reported on for the first time here. 

“As one of our early beta requesters, we’re delighted to extend you and your team at NSO Group an exclusive invitation to try Corellium, the world’s first and only mobile device virtualization platform. We think you’ll really enjoy the advanced mobile security research tools we have to offer,” reads a March 26, 2019, email between Correllium’s support staff and an NSO Group employee. “Your free trial will last until April 9. Trial accounts are limited, but if you need more time, or if you prefer to start your trial at a different time, just let us know.”

In the case of DarkMatter, the document includes an email exchange between a company employee and a Corellium sales email address. The emails are not dated, but they apparently reference a 2019 training on how to use the platform that Corellium offered potential customers at the cybersecurity conference Black Hat.

“I was a trainer at Blackhat last year where you guys had provided us access to the portal for a few days and I was very impressed with the amount of features it had,” the DarkMatter employee wrote. “We are interested in purchasing it. Can you guys provide us a quote for all the available options that you have?”

“We’re so glad to hear that you enjoyed using Corellium at Blackhat, and we actually have DarkMatter on our list of teams to reach out to regarding availability,” an unnamed Corellium employee responded. “We’d be more than happy to provide you a quote with all the options checked.”

Also in 2019, according to the document, Corellium sold its software to Paragon, a little-known company that has since been reported to be a provider of government surveillance technology. Corellium also licensed its software to a company called Pwnzen Infotech, whose founders were part of Pangu Team, a well-known Chinese group of elite iOS and iPhone hackers. A Pwnzen sales representative told Reuters in 2019, when Pwnzen was already a Corellium customer, that the company helped hack the phone of a person suspected of “subverting the government” in China. 

“There are a number of ties between Pwnzen and the People’s Republic of China’s government that are cause for concern,” says Dakota Cary, a consultant at Krebs Stamos Group who has written several reports about cybersecurity in China. “Bolstering Pwnzen’s hacking capabilities likely occurred at the detriment to US security interests,” he added, explaining that the company’s improved capabilities could have provided the Chinese government with better tools to hack targets inside and outside of the country, including the US.

Also, as of today, Corellium counts Russian iPhone hacking company Elcomsoft as a customer. And in 2019, Corellium sold to Elcomsoft’s Israeli competitor Cellebrite, a firm that helps law enforcement unlock iPhones and access the data stored within. Cellebrite has reportedly sold its phone-hacking products to countries such as China, Saudi Arabia, and Bahrain, among others. 

Corellium did not dispute the legitimacy of the document, but it also did not respond to a series of questions about its contents. Instead, Corellium CEO Amanda Gorton shared a draft of a blog post in which the company says it offered trials to NSO Group and DarkMatter but denied that the two companies became customers. 

“We’ve had opportunities to profit from these bad actors and have chosen not to,” the blog post reads. It further explains that Corellium restricts sales of its cloud product to “fewer than sixty countries” and has a “block list” of organizations.

Corellium didn’t specify the 60 countries, nor did it answer specific questions about Paragon, Pwnzen, Cellebrite, or Elcomsoft. The company wrote in the blog post that as the sales process goes on, the vetting gets “more intensive.” According to the blog post, that means Corellium asks about the customer’s use case, consults with “trusted contacts in the security community, including contacts at various US government agencies,” and looks at the potential customer’s online presence and investigates its “ownership, corporate structure, and employees.”

Apple did not respond to a request for comment, nor did NSO Group, Cellebrite, or Pwnzen. XiaBo Chen, who identifies as the founder of Pwnzen on LinkedIn, did not respond to multiple requests for comment. After the controversy surrounding DarkMatter’s role in targeting activists and journalists, the company reportedly rebranded to Digital14 in 2019, then to CPX in 2021. Digital14 and CPX did not respond to requests for comment.

Idan Nurick, the CEO and cofounder at Paragon, says that “as a matter of principle, Paragon maintains the confidentiality of its clients, as well as technology providers, and the company does not disclose any information pertaining to these entities.”

Vladimir Katalov, the CEO, cofounder, and co-owner of Elcomsoft, confirmed that his company is a Corellium customer. 

‘Puzzling’ Claims

The leaked document, prepared in 2021, according to an included timeline, mirrors Apple’s arguments against Corellium, which it accused of violating its copyright and the Digital Millennium Copyright Act by re-creating a virtual version of iOS. While Apple has never publicly presented the evidence that’s contained in the document against Corellium, the tech giant accused Corellium in its lawsuit of helping researchers develop zero-day exploits and spyware for governments around the world, hinting that this was one of the main reasons it didn’t approve of Corellium’s practices, apart from alleged copyright infringement.

“Although Corellium paints itself as providing a research tool for those trying to discover security vulnerabilities and other flaws in Apple’s software, Corellium’s true goal is profiting off its blatant infringement,” Apple said in the complaint. “Far from assisting in fixing vulnerabilities, Corellium encourages its users to sell any discovered information on the open market to the highest bidder.”

Corellium has forcefully defended itself against Apple’s claims, saying it sells to “well-known and well-respected financial institutions, government agencies, and security researchers” who use their product for legitimate purposes.

In December 2020, when he dismissed Apple’s copyright infringement claims, US District Judge Rodney Smith, of the Southern District of Florida, sided with Corellium, writing in the order on the parties’ motions for summary judgment that “Apple’s position is puzzling, if not disingenuous.”

“As for Apple’s contention that Corellium sells its product indiscriminately, that statement is belied by the evidence in the record that the company has a vetting process in place (even if not perfect) and, in the past, has exercised its discretion to withhold the Corellium Product from those it suspects may use the product for nefarious purposes,” the judge wrote. “Having reviewed the evidence, the Court does not find a lack of good faith and fair dealing.”

The case took an unexpected turn in August 2021, when Apple and Corellium settled out of court. (The terms of the deal were confidential.) Then, days later, the tech giant filed an appeal, keeping its case against Corellium alive.

Bad Reputations

Even in 2019, NSO Group and DarkMatter had poor reputations in the world of cybersecurity. At the time, there had already been several examples of abuse of NSO Group’s Pegasus spyware, particularly against journalists in Mexico. Ronald Deibert, the director of the Citizen Lab, a digital rights watchdog housed at the University of Toronto's Munk School that has investigated companies like NSO Group for years, said in March 2019 that there was a “mountain of evidence that NSO Group’s surveillance technology is being abused by its clients, and the company is either unwilling or unable to perform the type of due diligence to prevent that from happening.” 

Both Apple and Microsoft have called NSO Group “21st-century mercenaries.”

Gorton has publicly denied selling Corellium’s products to DarkMatter and NSO Group and said Corellium does not sell to companies in the Middle East.

“We have definitely rejected customers who have approached us. I’m sure you can imagine DarkMatter, NSO Group have all reached out and we just politely declined, we don’t sell to that region,” she said during a November 2021 interview with the _Decipher_ podcast. 

In the interview, she sold her company’s mission as positive and uncontroversial, saying that Corellium can be used to help researchers find bugs and report them to companies like Apple, something that companies like NSO Group, DarkMatter, Paragon, Pwnzen, Cellebrite, and Elcomsoft don’t do. Gorton added that hunting for security bugs is “kind of exactly what we wanted to see the platform used for.”

In the past, other Corellium executives and founders have repeatedly downplayed the possibility that bad actors could use its software. When asked whether he was worried that Corellium customers could use the product to find bugs and develop exploits that would then be used by governments, David Wang, one of the company’s cofounders, told _Forbes_ in 2018 that the company would be “selective in who we choose to do business with.” 

Wang did not respond to WIRED’s request for comment. 

In the podcast interview, Gorton has also fielded questions about how Corellium vets its customers to avoid selling to bad actors and that the company takes this process “very seriously,” selling only in the Asia-Pacific, European Union, and North America regions, and researching companies they don’t recognize. “We err on the side of caution,” she said.

The leaked document includes a 2021 email from Steve Dyer, the vice president of sales and business development at Corellium, to Gorton. In the email, Dyer explains the process for vetting “current and future cloud customers” as they submit requests for trials online. Part of the process, Dyer wrote, is to check that the companies are not from countries sanctioned by the US government, such as North Korea, Sudan, Syria, and Russia. (While Elcomsoft is headquartered in Russia, the company is not sanctioned by the US government.) 

“China has been added to the list for auto-denied trials,” Dyer wrote. 

Last year, the US government added NSO Group to a federal blocklist, preventing any US companies and individuals from doing business with the spyware company. In correspondence with WIRED, Corellium said it voluntarily refused to sell its software to NSO Group “more than two years before the United States Department of Commerce placed NSO Group on its Entity List.”

Nevertheless, Corellium’s engagement with these controversial companies may change the cybersecurity community’s view that Apple’s lawsuit is a case of an entitled tech giant going after a scrappy startup with an innovative product that it doesn’t like. 

John Scott-Railton, a senior researcher at the Citizen Lab, says the Corellium sales department’s outreach to NSO Group and DarkMatter is “a potentially cynical act” given the nature of those companies. “At that point, Corellium and everyone else knew exactly who NSO Group was and what they would do with that kind of technology and the people that would inevitably be harmed,” Scott-Railton says. “It raises questions about their ethics, their judgment, or both.”

Zach Edwards, an independent privacy and security researcher, says that “sensitive technology cannot be haphazardly sold to any company, in any country in the world.”

“While Corellium is a reverse-engineering tool that doesn't intrinsically create risks through its sale, the core purpose of the tool is to reverse malware,” Edwards says. “And if you sell the product to malware developers in countries averse to Western interests, we should assume that this tool will be used to improve malware.”

A person who tried Corellium in the past, who asked to remain anonymous because they were not allowed to speak to the press, says that “given what’s happening in the world today, you shouldn’t be dealing with Russian companies,” such as Elcomsoft. 

Elcomsoft’s CEO Katalov says that “the decision to work with a company based in Russia is a personal choice.”

“Please rest assured that we still strive to provide the best software and services, and trying to keep good relationships with our customers all over the world,” he adds. “We will just keep doing our job, making the world a safer place and battling the crime.”

Adrian Sanabria, a cybersecurity veteran, says that it’s not surprising that “groups interested in creating iOS exploits would be using a platform designed for iOS security research.” 

“For me, the core takeaway is that Apple created the need for platforms like Corellium by not providing the tools, access, and transparency the market needs and desires,” he says.

Danger Zones

Some of the organizations and companies linked to Corellium in the document come from countries seen as controversial by most people in the cybersecurity community in the West, including Alex Stamos, who acted as an expert witness for Corellium in the lawsuit against Apple.  

“I personally don’t believe it would be ethical to sell exploits to Saudi Arabia,” Stamos, the director of Stanford University’s Internet Observatory, said during testimony he provided in the lawsuit between Apple and Corellium, which is quoted in the document.  

Stamos also expressed doubts about selling products to the United Arab Emirates, whose government had a close relationship with DarkMatter. “The UAE has been shown to use malware and exploits to spy on journalists and suppress local dissent,” Stamos said. 

In response to the document’s revelations, Stamos says he doesn’t think “it's appropriate for Apple to use copyright law to try to stop security research, and I don't think it's responsible for Corellium to offer their product to companies known to create malicious software for authoritarian states.”

The document also includes the logos of alleged Corellium customers and companies linked to it. As well as the companies previously mentioned, the document includes the logo of Azimuth, a provider of advanced hacking tools to the intelligence and law enforcement agencies of the so-called Five Eyes. Other logos include the Centre for Strategic Infocomm Technologies of Singapore, or CSIT, as well as the logo of an academic institution in Saudi Arabia called the Center of Excellence in Information Assurance (COEIA), housed at the King Saud University. 

CSIT executives did not respond to a request for comment. Other than the logo of the COEIA, the document also shows a 2019 email titled “invitation to Corellium” sent to the organization. The COEIA did not respond to a request for comment.

The legal battle between Apple and Corellium is ongoing. Late last month, the two companies appeared at a hearing before the Eleventh Circuit of the US Court of Appeals in Florida. Apple’s lawyer, Melissa Sherry, argued that Corellium’s product is just a slightly tweaked version of iOS that’s not transformative enough not to be fair use. Corellium attorney Kevin Russell said the product helps users “shed light on the functionality of the Apple operating system” and is, therefore, fair use.

“I don't think there's a genuine dispute that the purpose of the product is to explore the unprotected functionality of the system's software,” he said. “What people do with that knowledge is the subject of another statute.”

A Leak Details Apple's Secret Dirt on Corellium, a Trusted Security Startup

By Owais Sultan
ASR Technology (aka Automated speech recognition) is a type of speech recognition technology that can be used to…
This is a post from HackRead.com Read the original post: What is ASR Technology and Where Can It Develop?

ASR Technology (aka Automated speech recognition) is a type of speech recognition technology that can be used to recognize and transcribe spoken words. This type of technology is often used in mobile devices, such as smartphones, and can be used to perform tasks such as hands-free voice control or dictation.

ASR technology is constantly evolving and improving, with new applications being developed all the time. This article will explore some of the potential future applications of ASR technology, as well as the challenges that need to be overcome for these applications to become a reality.

**Current application of ASR technology**

There are many different ways that ASR technology can be used in its current form. Some of the most common applications include:

**Automated Transcription**

Some of the best transcription services use ASR technology to automatically transcribe audio and video files. This can be used for a range of purposes, such as creating transcripts of interviews or lectures.

**Voice Control of Mobile Devices**

This is perhaps the most well-known use of ASR technology. Many smartphones and other mobile devices now come with voice control features that allow users to perform tasks such as making phone calls, sending texts, and opening apps.

ASR technology can also be used in other devices, such as smart TVs and home assistants such as Amazon Echo and Google Home.

Here are some potential future applications of ASR technology:

**Real-time Translation**

One potential future application of ASR technology is real-time translation. This would allow two people to have a conversation in different languages, with the ASR system translating the speech in real-time.

Currently, remote translation is an effective tool, and it will become even more valuable for international business meetings, phone calls, and travelers who wish to communicate with locals in their destination.

**Transcribe Doctor-patient Conversations**

Another potential application could be in the niche of medical applications for ASR technology. For example, ASR could be used to transcribe doctor-patient conversations, which would then be stored in the patient’s medical record.

This would be a valuable tool for keeping accurate records of patients’ treatments and progress. ASR could also be used to transcribe dictated notes from doctors, which would again be stored in the patient’s record.

**Makes accessibility easy to implement**

ASR can also help to make different types of content more accessible. For example, ASR can be used to generate subtitles for videos or podcasts or to create audio versions of text-based content. This would make this content more accessible for people with hearing impairments or who are visually impaired.

ASR can also be used to create transcripts of lectures or speeches, which would again make this content more accessible for people with hearing impairments.

**The Challenges That Need to Be Overcome****To Reach Its Full Potential**

One of the challenges that need to be overcome for ASR technology to reach its full potential is the development of more accurate and reliable speech recognition algorithms. Currently, ASR systems are often unable to correctly recognize words if there is background noise or if the speaker has an accent. This means that the technology is not yet ready for real-world applications such as translation or transcription, where accuracy is essential.

**The Issue of Privacy**

Another challenge that needs to be addressed is the issue of privacy. ASR systems need to be able to transcribe speech without recording or storing any personal information about the speaker. This is a difficult task, as ASR systems need to be able to identify individual voices in order to transcribe speech accurately.

**The High Cost**

One more challenge is the high cost of ASR technology for the developers. This may be a potential obstacle in the way of ASR becoming widely used. In order to improve this technology and be one step ahead of the competition, a lot of money has to be invested in research and development.

**Cyber Attacks**

The last challenge is the threat of cyber-attacks. ASR systems store a lot of data, which makes them a potential target for hackers. This data can include personal information about the users of the ASR system, as well as recordings of their speech. This data could be used to exploit the users of the ASR system or to impersonate them.

**Conclusion**

It’s understandable why tech giants like Google, Amazon, IBM, and Microsoft are all interested in ASR technology. The potential applications of this technology are many and varied, and it is clear that ASR is going to play a big role in our lives in the future.

Despite the challenges, ASR technology shows a lot of promise for the future. With continued development, it is likely that ASR will become an essential part of our lives, making many tasks easier and more convenient.

1.  Fields of application of artificial intelligence
2.  4 Security Flaws Affected Voice Recognition Technology
3.  Smart-Glove Can Translate Sign Language Into Text and Speech

Owais takes care of Hackread's social media from the very first day. At the same time He is pursuing for chartered accountancy and doing part time freelance writing.

What is ASR Technology and Where Can It Develop?

Google Cloud last week disclosed that it identified 34 different hacked release versions of the Cobalt Strike tool in the wild, the earliest of which shipped in November 2012.
The versions, spanning 1.44 to 4.7, add up to a total of 275 unique JAR files, according to findings from the Google Cloud Threat Intelligence (GCTI) team. The latest version of Cobalt Strike is version 4.7.2.
Cobalt

Google Cloud last week disclosed that it identified 34 different hacked release versions of the Cobalt Strike tool in the wild, the earliest of which shipped in November 2012.

The versions, spanning 1.44 to 4.7, add up to a total of 275 unique JAR files, according to findings from the Google Cloud Threat Intelligence (GCTI) team. The latest version of Cobalt Strike is version 4.7.2.

Cobalt Strike, developed by Fortra (née HelpSystems), is a popular adversarial framework used by red teams to simulate attack scenarios and test the resilience of their cyber defenses.

It comprises a Team Server that acts as the command-and-control (C2) hub to remotely commandeer infected devices and a stager that's designed to deliver a next-stage payload called the Beacon, a fully-featured implant that reports back to the C2 server.

Given its wide-ranging suite of features, unauthorized versions of the software have been increasingly weaponized by many a threat actor to advance their post-exploitation activities.

"While the intention of Cobalt Strike is to emulate a real cyber threat, malicious actors have latched on to its capabilities, and use it as a robust tool for lateral movement in their victim's network as part of their second-stage attack payload," Greg Sinclair, a reverse engineer at Google's Chronicle subsidiary, said.

In a bid to tackle this abuse, GCTI has released a set of open source YARA Rules to flag different variants of the software used by malicious hacking groups.

The idea is to "excise the bad versions while leaving the legitimate ones untouched," Sinclair said, adding "our intention is to move the tool back to the domain of legitimate red teams and make it harder for bad guys to abuse."

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Google Identifies 34 Cracked Versions of Popular Cobalt Strike Hacking Toolkit in the Wild

By Habiba Rashid
According to Microsoft, the Royal ransomware is now being spread by a threat actor known as DEV-0569.
This is a post from HackRead.com Read the original post: Royal Ransomware: New Threat Uses Google Ads and Cracked Software

On November 17th, Microsoft Security Threat Intelligence tracked activity from a threat actor known as DEV-0569 regarding the development of new tools to deliver the Royal ransomware. 

Although Microsoft still uses a temporary ‘DEV-####’ designation for it, meaning that they are unsure about its origin or identity, the group is believed to consist of ex-Conti members. 

“Observed DEV-0569 attacks show a pattern of continuous innovation, with regular incorporation of new discovery techniques, defense evasion, and various post-compromise payloads, alongside increasing ransomware facilitation,” the Microsoft Security Threat Intelligence team said in an analysis.

Traced back to August 2022, the group typically relies on malvertising, phishing link vectors, fake forum pages, and blog comments. They also direct users to a malware downloader called BATLOADER, posing as various legitimate software installers such as TeamViewer, Adobe Flash Player, and Zoom or updates embedded in spam emails. 

BATLOADER posing as a TeamViewer installer

When BATLOADER is launched, it uses MSI Custom Actions to launch malicious PowerShell activity or run batch scripts to aid in disabling security solutions and lead to the delivery of various encrypted malware payloads that are decrypted and launched with PowerShell commands.

BATLOADER also appears to share overlaps with another malware called Zloader. A recent analysis of the strain by eSentire and VMware called out its stealth and persistence, in addition to its use of search engine optimization (SEO) poisoning to lure users to download the malware from compromised websites or attacker-created domains. 

In their blog post, Microsoft security researchers mentioned some of the recently observed changes in the group’s delivery method. This includes the use of contact forms on targeted organizations’ websites to deliver phishing links, hosting fake installer files on seemingly legitimate software download sites, and expansion of their malvertising technique through Google Ads. 

1.  Gootloader exploits websites via SEO to spread ransomware
2.  Google Fails To Remove “App Developer” Behind Malware Scam
3.  Malicious Office documents make up 43% of all malware downloads
4.  Google Drive accounted for 50% of malicious Office docs downloads
5.  Research sector targeted in spear phishing attack using Google Drive

In one particular campaign, DEV-0569 sent a message to targets using the contact form on these targets’ websites, posing as a national financial authority. When a contracted target responds via email, the threat actor replies with a message containing a link to BATLOADER, hence successfully luring the target into its trap. 

Also utilized is a tool known as NSudo to launch programs with elevated privileges and impair defenses by adding registry values that are designed to disable antivirus solutions.

Their expansion strategy by employing Google Ads to spread BATLOADER, however, seems to have made the biggest difference in the diversification of the DEV-0569’s distribution vectors. This enabled it to reach more targets and deliver malware payloads. 

“Since DEV-0569’s phishing scheme abuses legitimate services, organizations can also leverage mail flow rules to capture suspicious keywords or review broad exceptions, such as those related to IP ranges and domain-level allow lists,” Microsoft said.

I am a cyber security writer and one of my favourite games is Minecraft. I also really like obscure cat memes and during my free time, if I'm not found hanging around in Discord voice channels with my friends, I'm probably cycling and taking pictures of random cats on the street.

Royal Ransomware: New Threat Uses Google Ads and Cracked Software

A vulnerability classified as problematic was found in Iridium Intelligence bad_ip WP Plugin. Affected by this vulnerability is an unknown functionality of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214039.

CVE-2022-4072

Plus: Google’s location snooping ends in a $391 million settlement, Russian code sneaks into US government apps, and the World Cup apps set off alarms.

It was a truly wild week in the tech industry as new details emerged about the FTX cryptocurrency exchange's collapse and Elon Musk drove an ever-increasing number of Twitter employees out of the company. Cryptocurrency tracers have been scrambling to understand what happened to nearly half a billion dollars worth of cryptocurrency that was pulled out of FTX last weekend. It seems that some of it may have been seized by government authorities in the Bahamas, but the mystery is still unraveling. 

Meanwhile, the wheels have increasingly been coming off the bus at Twitter. Earlier this week, for example, some users weren't receiving vital two-factor authentication codes sent over SMS, and it's unclear whether the problem has been fully resolved. With its staffing shortages and so much upheaval, we took a look at what the impacts would be if Twitter suffered a massive data breach or another major security attack in this precarious moment.

New research indicates that telehealth sites too often put addiction patient data at risk, with tracking tech lurking on substance-abuse-focused websites. And we've got part four in the series “The Hunt for the Dark Web’s Biggest Kingpin,” which chronicles the rise and fall of dark web marketplace AlphaBay. This installment tells how law enforcement agents in the Dutch National High-Tech Crime Unit took over and ran the dark web marketplace Hansa and follows US and Thai police as they were closing in on AlphaBay's kingpin, Alpha02, on the brink of attempting a dramatic arrest.

But wait, there’s more! Each week, we highlight the news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.

A significant hack-and-leak operation in Moldova has released alleged Telegram correspondence of at least two politicians, leading to scandal and allegations of corruption. The site, called “Moldova Leaks,” has also threatened to release more data on government officials and politicians. The site published alleged messages from Moldova's minister of justice, Sergiu Litvinenco, and defense and national security adviser to the president Dorin Recean in the past two weeks. Some of the conversations imply that other Moldovan officials have won rigged elections or have been installed improperly in their positions, and the leaks particularly seem targeted at undermining anti-corruption officials. Moldova's pro-Russian political opposition has been quick to spread allegations based on the leaks that Litvinenco, Recean, and others must be removed from office. 

The Moldovan Justice Ministry said the leaked data is stolen, but it added that some of it has been manipulated. Litvinenco and other officials in Moldova's government have said that Russia is behind the operation. "The purpose of this fake is to divert the public's attention from the real problems faced by criminal groups in the Republic of Moldova and their connections with foreign services," Litvinenco wrote on Facebook. At the end of October, _The Washington Post_ reported on efforts by Russia's FSB security agency to undermine Moldova's pro-European government.

Google will pay a total of $391.5 million to 40 US states following an investigation related to the tech giant's user location tracking practices. The probe, a collaboration between state attorneys general, looked at whether Google had deceived users and obfuscated its location-tracking activities. “Consumers thought they had turned off their location tracking features on Google, but the company continued to secretly record their movements and use that information for advertisers,” Oregon attorney general Ellen Rosenblum told _The Washington Post_. "We settled an investigation with 40 US state attorneys general based on outdated product policies that we changed years ago,” Google wrote in a blog post about the agreement on Monday. “As well as a financial settlement, we will be making updates in the coming months to provide even greater controls and transparency over location data.”

Thousands of mobile apps in the Google Play and Apple App Store include code modules from a company called Pushwoosh that claims to be based in Washington, DC, but that Reuters reports is actually based in Russia. The Centers for Disease Control and Prevention incorporated Pushwoosh code into seven of its public apps and removed the service after learning of Reuters' findings. The CDC said that it had been misled about where Pushwoosh was headquartered. In March, the US Army also removed an app used by soldiers at a prominent US combat training base because it incorporated Pushwoosh code. In marketing materials and US regulatory filings, the company claims to be based in California, Maryland, or DC, but it actually pays taxes in Russia and is headquartered in Novosibirsk in Siberia. The company apparently had roughly 40 employees and reported revenue of 143,270,000 rubles (about $2.4 million) in 2021. Though it is unclear if Pushwoosh ever abused its position in apps distributed in the US or elsewhere, the Russian government has a track record of conducting “software supply chain” attacks for intelligence gathering as well as destructive attacks on its enemies.

Data and privacy regulators in Norway, France, and Germany have all warned that World Cup attendees should not download Qatar’s two World Cup apps or should do so on a wiped device if necessary. Officials warn that the apps are invasive, collecting significantly more data than they should and more than they claim to in their privacy policies. “One of the apps collects data on whether and with which number a telephone call is made,” Germany’s data protection commission said in an alert this week. “The other app actively prevents the device on which it is installed from going into sleep mode. It is also obvious that the data used by the apps not only remain locally on the device but are also transmitted to a central server.” World Cup events begin this weekend.

A Destabilizing Hack-and-Leak Operation Hits Moldova

A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware.
Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group under the name DEV-0569.
"Observed DEV-0569 attacks show a pattern of continuous innovation, with

A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware.

Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group under the name **DEV-0569**.

"Observed DEV-0569 attacks show a pattern of continuous innovation, with regular incorporation of new discovery techniques, defense evasion, and various post-compromise payloads, alongside increasing ransomware facilitation," the Microsoft Security Threat Intelligence team said in an analysis.

The threat actor is known to rely on malvertising to point unsuspecting victims to malware downloader links that pose as software installers for legitimate apps like Adobe Flash Player, AnyDesk, LogMeIn, Microsoft Teams, and Zoom.

The malware downloader, a strain referred to as BATLOADER, is a dropper that functions as a conduit to distribute next-stage payloads. It has been observed to share overlaps with another malware called ZLoader.

A recent analysis of BATLOADER by eSentire and VMware called out the malware's stealth and persistence, in addition to its use of search engine optimization (SEO) poisoning to lure users to download the malware from compromised websites or attacker-created domains.

Alternatively, phishing links are shared through spam emails, fake forum pages, blog comments, and even contact forms present on targeted organizations' websites.

"DEV-0569 has used varied infection chains using PowerShell and batch scripts that ultimately led to the download of malware payloads like information stealers or a legitimate remote management tool used for persistence on the network," the tech giant noted.

"The management tool can also be an access point for the staging and spread of ransomware."

Also utilized is a tool known as NSudo to launch programs with elevated privileges and impair defenses by adding registry values that are designed to disable antivirus solutions.

The use of Google Ads to deliver BATLOADER selectively marks a diversification of the DEV-0569's distribution vectors, enabling it to reach more targets and deliver malware payloads, the company pointed out.

It further positions the group to serve as an initial access broker for other ransomware operations, joining the likes of malware such as Emotet, IcedID, Qakbot.

"Since DEV-0569's phishing scheme abuses legitimate services, organizations can also leverage mail flow rules to capture suspicious keywords or review broad exceptions, such as those related to IP ranges and domain-level allow lists," Microsoft said.

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Creative Mail plugin <= 1.5.4 on WordPress.

*   Details
*   Reviews
*   Installation
*   Support
*   Development

Creative Mail was designed specifically for WordPress and WooCommerce.

Our intelligent (and super fun) email editor simplifies email marketing campaign creation and pulls your WordPress blog posts, website images and WooCommerce products right into your email content. Leads from your WordPress website, ecommerce store and contact forms are automatically captured and routed into our included Contacts CRM and synced with your email marketing lists.

It’s perfect for automatic blog post syndication, newsletters and announcements, event promotion, WooCommerce product specials, retargeting ecommerce shoppers, sending postcards, providing updates and more.

Create awesome email marketing campaigns right from your WordPress Admin Dashboard that are all powered by the award-winning & rock-solid reliability of Constant Contact.

**CREATIVE MAIL IS:**

1.  Incredibly easy WordPress email marketing
2.  Deeply connected to your website & WooCommerce store
3.  Accessed from within your WP Admin Dashboard
4.  Automatically syncing your contacts and building your marketing lists
5.  Powered by the reliability superior deliverability of Constant Contact
6.  Fun, which makes life way better

**VIEW OUR DETAILED FEATURES****WOOCOMMERCE & WORDPRESS INTEGRATION:**

Turn your WooCommerce store and your WordPress site into efficient marketing engines. All ecommerce contacts and form entries are all captured in our included CRM and synced automatically with Creative Mail.

*   **Enhanced Ecommerce:** WooCommerce store customers and ecommerce interactions are all captured automatically within your email marketing list. Retarget and re-engage your customers. Sell more stuff.
*   **Beautiful Transactional Emails:** Standard WooCommerce triggered emails can be replaced to match your branding and style. Build one, and then all your other WooCommerce emails managed by Creative will inherit the same branded look. Hey, style matters.
*   **Jetpack Forms Integration:** Collect, sync, and manage opt-in subscribers directly from Jetpack forms into Creative Mail.
*   **Build Better Branding:** Creative Mail includes our free LogoBuilder and image editing suite to enhance your brand.
*   **Amazing Stock Images:** You get free access to the completely integrated photo library (in addition to your own WordPress media library) to make amazing email marketing campaigns with award-winning images.
*   **Get Better Deliverability:** Other email marketing solutions require complex SMTP solutions, external gateways or have you sending from their less than stellar IPs. As a result, your emails can get bounced or never delivered. Creative Mail is an all-in-one solution that uses Constant Contact’s rock solid infrastructure, for superior deliverability. Boom! ‘nuff said.
*   **Live Support:** With our paid plans (Awesome & Ultimate) you get access to phone and chat support to help you get answers from real live, helpful humans. Imagine that!

**OPT-IN EMAIL FORMS:**

*   **Jetpack Newsletter Form:** Jetpack has a JMML (join my mailing list) Newsletter Signup form. When activated, contacts who sign up for your Newsletter through the Jetpack form are brought right into your Newsletter email marketing list. Easy-peasy.
*   **Other WordPress Website Forms:** Creative Mail detects the current website forms used on your site, and automatically adds contacts to your email marketing lists. Automagically awesome!
*   **Creative Mail Form:** If you are not using a form on your site, you can easily add your Creative Mail Gutenberg form to start collecting email addresses of your site visitors

**EMAIL AUTOMATIONS:**

*   **Scheduled Sends:** Schedule the time and date of outgoing email marketing campaigns based on your business or organization’s preferences.
*   **Single-Step Triggered Emails:** Replace your non-branded WooCommerce order notification triggered emails with on-brand Creative Mail emails for deeper customer engagement.
*   **Abandoned Cart:** With Creative Mail and a WooCommerce store you can send emails to customers who abandon their WooCommerce shopping cart. They’ll get an email that reminds them of the items they were considering before they left.
*   **Multi-Step Marketing Journeys:** Develop sophisticated CLM (that’s marketing speak for – customer lifecycle marketing) campaigns by leveraging our “if this, then that” campaign automation engine that responds to a customer’s actions, birthdays or purchases. Welcome your customers with email automation.

**ANALYTICS & INSIGHTS:**

*   **Realtime Email Marketing Statistics:** Bounces, opens, clicks, forwards, complaints, unsubscribes and more are easily tracked and managed. Be a control freak, it’s OK.
*   **Marketing Campaign Mapview:** With our mapview you can see who’s opening your emails on what devices on an awesome, interactive visual map.

**CONTACTS CRM:**

*   **Contact Lists:** Within the Creative Mail Contacts CRM you can quickly and easily manage all your Contacts, Subscribers and Unsubscribes.
*   **Contact Activity:** Drill into the purchases and behaviors of your contacts.
*   **List Sources:** You’ll know where your contacts come from whether it’s a manual entry, your Jetpack forms, WooCommerce Store, or another defined source.
*   **Custom Labels:** Further refine your marketing by adding custom labels to subscribers or customers (ex. Truck Buyers, Concert Attendee, Dog Owners, etc.).

**IMPORT & EXPORT:**

*   **Contacts Sync & Import:** No need anymore for complex integrations between your WordPress site and your email marketing provider. With Creative Mail it all simply works with WordPress out of the box. We do the heavy lifting to sync and import your Jetpack, WordPress, WooCommerce and most used Contact form plugins contacts automatically.
*   **Import & Export Via CSV:** Import bulk email marketing lists (limits may apply), add subscribers one by one, or export your contacts into a CSV file.

**CAMPAIGNS:**

*   **AI Emails:** Forget templates, let our A.I. build your email marketing campaigns for you. Pull in WordPress posts or WooCommerce products for sale, and you’re good to go. Let our robots do your bidding!
*   **Email Campaign Creation:** Build your email marketing campaigns in seconds from your WordPress admin dashboard.
*   **Awesome Deliverability:** All email marketing campaigns are sent and delivered by the award-winning power of Constant Contact technology. We got you.
*   **Automated Email Marketing:** Send multistep email campaigns automatically, with triggers you define, whether that’s based on time, a customer birthday or behavioral actions. Create a flow to welcome your customers and send a special discount and reminder on their birthday.

**EMAIL LIST MANAGEMENT:**

*   **Contact List Growth:** Creative Mail collects leads from Jetpack forms or the top WordPress lead capture forms and adds them directly to your email lists.
*   **Automate Emails:** With our “Welcome” email trigger you can send a Creative Mail welcome email series to new subscribers and blog readers.
*   **Auto List Updater:** Creative Mail automatically updates your contact lists for unsubscribes.

**ADD ONS**

*   **Social Campaigns:** Connect your social media accounts with your Creative Mail account to share your newsletters with your followers on social.
*   **Marketing Calendar:** With your socials connected we give you an overview of all the newsletters and posts that you’ve sent and scheduled. An easy overview to engage with your audience.
*   **Booking:** Set up Bookings for your business with the Bookings tool. Give clients and customers an easy, quick way to set up appointments with you.
*   **LogoBuilder:** Create an amazing logo for your business or social with LogoBuilder and add it to your email campaigns.

**TERMS OF SERVICE & PRIVACY NOTICE**

On behalf of our lawyers (seriously, they’re nice people), please feel free to review our:

Creative Mail by Constant Contact Terms of Service  
Creative Mail by Constant Contact Privacy Notice

This plugin provides 1 block.

*   Creative Mail Let your contact subscribe to a mailing list for creative mail.

*   Go to your admin dashboard
*   Click the “Plugins” menu on the left side navigation bar
*   Click on “Add New”
*   Search for “Creative”
*   Click “Install Now”
*   Click “Activate”
*   You will be redirected to Creative Mail where you can set up your account

**Requirements**

*   Your website or blog must be using WordPress.org version 4.6 or higher on your server.
*   The plugin can be installed on regular WordPress environments and also on WordPress.com sites.

**What does the Creative Mail plugin do?**

The Creative mail plugin allows you to create awesome email marketing campaigns right from your WordPress Admin Dashboard that are all powered by the award-winning & rock-solid reliability of Constant Contact.  
Our intelligent (and super fun) email editor simplifies email marketing campaign creation and pulls your WordPress blog posts, website images and WooCommerce products right into your email content. Leads from your WordPress website, ecommerce store and contact forms are automatically captured and routed into our included Contacts CRM and synced with your email marketing lists.  
It’s perfect for automatic blog post syndication, newsletters and announcements, event promotion, WooCommerce product specials, retargeting ecommerce shoppers, sending postcards, providing updates and more.

**Are coding skills needed to use Creative Mail?**

Creative Mail is built for non-developers, you don’t even need to fill in API keys. If you know how to install a plugin on your website, you are good to go! You will have your images, blog posts and products from your WordPress site available to make campaigns without having to lift a finger.

**What is available for free with CreativeMail?**

With Creative Mail you can send campaigns to your contacts for free. Promote your blog articles, WooCommerce products, events and much more with your followers. Advanced functionality like sending Welcome series Automations and WooCommerce order notifications are part of a paid plan.  
You can see the overview of all the features per plan on our plans page.

**What forms can I use in combination with Creative mail?**

You can add the Creative Mail Form to your site to gather contacts and add contacts automatically to a specific list.  
Creative Mail also integrated with one of the form builders below. For those you can easily activate Contact Synchronization:  
– Jetpack forms  
– Contact form 7  
– WPForms lite and WPForms  
– Newsletter  
– Gravity forms  
– Elementor  
– Ninja forms  
– Caldera Forms  
– Formidable

**Does Creative Mail support ecommerce stores?**

Creative mail is fully integrated with WooCommerce, which enables you to share your WooCommerce products via email campaigns. You can also replace your non-branded WooCommerce order notification triggered emails with on-brand Creative Mail emails for deeper customer engagement. Build one, and then all your other WooCommerce emails managed by Creative Mail will inherit the same branded look. Hey, style matters.

I built a new website on WordPress for a new business. I'm starting with free plugins until I get the ball rolling. Creative Mail by Constant Contact was already in my dashboard with a free subscription option. It is the only newsletter email option available if you use the included WPForms contact forms (also included in initial install). Unlike any other plugin I've used, Creative Mail functions outside your dashboard. It doesn't link to WPForms even after telling it that's what you're using. In addition to creating a Constant Contact account & adding WP Forms to your settings, you have to go back to your dashboard & click a button in WP Forms that then asks you to log in to Creative Mail to give it permission to connect with WP Forms. This permission doesn't exist on the Creative Mail account. I couldn't get past this, because I couldn't log in (even though I was already logged in having just signed up). When signing up, it wanted my name, address, email address, & then to create a password (no user name selection). I tried every variation of my name or email address with my password (I have a generator & only have to copy the password, so no typos). It couldn't find me. I clicked that I forgot my username & got an email saying my user name was... ce- & a string of 26 alpha-numeric characters. That also didn't work. Their support page offers number for 2 issues: account suspension & enabling debugging. I got a support number from the chat bot. When you call, they want your phone number associated with the account. That was never included, so it didn't find me but put me on hold for the "next available" agent. After 15 minutes, it hung up on me. I waited a while & tried again. This time, I waited on hold for over 40 minutes before hanging up. WordPress should remove this from the plugins. WP Forms should allow you to use some other plugin (there's a long list available with paid subscriptions). This is a most disreputable business practice & has all the ear-markings of a scam. Don't take just my word for it. Read some of the other 1 star reviews.

Excellent produit, avec un système très simple à comprendre.

I love it.its very easy to use.that helps a lot.thsnk u

It is a very good program

This is an awesome plugin!

Haven't had a chance to use it

Read all 315 reviews

“Creative Mail – Easier WordPress & WooCommerce Email Marketing” is open source software. The following people have contributed to this plugin.

Contributors

*    Constant Contact

*   1.6.3 – Hotfix: Fixed a bug where the plugin was not working on some servers.
*   1.6.2 – Security updates and removal of Unsupported Plugin (Caldera Forms)
*   1.6.1 – Security update
*   1.6.0 – Security update, Bug fixes and Support to sync Address Fields for Contact Form 7
*   1.5.4 – Migration to WordPress version 6.0.2 and Checkout mail templates update
*   1.5.3 – README update
*   1.5.2 – Small bug fix for PHP versions previous to 7.1
*   1.5.1 – Fix outdated PHP classes
*   1.5.0 – Fix WooCommerce product lists, improved WooCommerce order workflows and improved contact management.
*   1.4.9 – Fixes regarding WooCommerce and Contact Sync Updates.
*   1.4.8 – Redirect to main CreativEmail templates page when user has abandoned cart template deactivated. Fix sync error with contact form 7. Added automation trigger for customer buying products.
*   1.4.7 – Fix currency type being shown in “Abandoned Cart” emails for WooCommerce.
*   1.4.6 – Add phone number handling for Jetpack Forms. Bug fixes.
*   1.4.5 – This version contains a fix for Creative mail customers who also use the Bluehost WebsiteBuilder functionality to build their WordPress site.
*   1.4.4 – Add support for ‘return to shop’ urls
*   1.4.3 – Updated brand name.
*   1.4.2 – Fixed a crash that could occur when using the elementor contact sync.
*   1.4.1 – Fixed several bugs
*   1.4.0 – Added gutenberg contact form block CreativeMail
*   1.3.9 – Include notice when you have enabled a password protection plugin.
*   1.3.8 – Fixes an issue with WooCommerce recommendations.
*   1.3.7 – Fixes an issue specific to PHP 7.4
*   1.3.6 – Improved integrations with WooCommerce to support features like Abandoned Cart emails.
*   1.3.5 – Addresses two small issues where some relative URLs would not work for WP installs in subdirectories.
*   1.3.4 – Improved initial contact sync: we can now import all your contacts without any limits!
*   1.3.3 – Direct access to Creative Mail features from the left side nav in WP Admin.
*   1.3.2 – Fixes an issue where the contact sync might cause a critical error.
*   1.3.1 – Add the ability to show the amount of recovered revenue via abandoned carts.
*   1.3.0 – Support for abandoned cart emails
*   1.2.4 – Introduces a ‘Reset’ button on the settings page for accounts that are stuck.
*   1.2.3 – Fixes an issue where the banner would show up again after being dismissed.
*   1.2.2 – Introduction of multistep automations and fixes a couple of small issues in the CreativeMail widgets
*   1.2.1 – Fixes an issue where some users would experience an issue where our UI was blocked by pop-up blockers.
*   1.2.0 – Context aware notifications, add support for Ninja forms, add support for Caldera forms

Tag

#intel