This content originally appeared on DEV Community and was authored by FJRG2007 γ
Dymo has identified a critical vulnerability affecting the Public Prosecution Office of the Sultanate of Oman. Our monitoring systems detected unauthorized access to their email servers, which are currently being exploited to send fraudulent cryptocurrency-related campaigns. These emails are dispatched from legitimate addresses within the institution, granting them apparent authenticity and making detection by conventional security filters difficult, thereby significantly increasing the risk to potential victims worldwide.
This is not the first time we have uncovered such an incident. Several months ago, we reported a similar vulnerability in the highest police authority of Ecuador, which also allowed malicious actors to misuse official infrastructure for illicit purposes. These cases reveal a worrying pattern of weaknesses in protecting critical infrastructures within governmental organizations across different countries.
The vulnerability has been formally reported to the Public Prosecution Office of the Sultanate of Oman, along with a series of technical recommendations to mitigate the breachβs impact and prevent future exploitation.
At Dymo, we reaffirm our commitment to global cybersecurity and responsible disclosure of vulnerabilities that threaten the integrity and trust of public and private institutions worldwide. Incidents like these highlight the urgent need to strengthen protective measures in state organizations increasingly exposed to cyber threats.
Cybersecurity #Phishing #Fraud #Government #Oman #Ecuador #Dymo #Vulnerability #ResponsibleDisclosure #DigitalSecurity
This content originally appeared on DEV Community and was authored by FJRG2007 γ