QR codes bypass browser isolation for malicious C2 communication
Mandiant has identified a novel method to bypass contemporary browser isolation technology and achieve command-and-control C2 operations. [...]
Hackers increasingly use Winos4.0 post-exploitation kit in attacks
Hackers are increasingly targeting Windows users with the malicious Winos4.0 framework, distributed via seemingly benign game-related apps. [...]
Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees…
It’s Time to Sound the Alarm on SMB Cyber Threats
There’s an unnerving secret many of us in cybersecurity have noticed. And if you think your company is “too small”…
Embargo ransomware escalates attacks to cloud environments
Microsoft warns that ransomware threat actor Storm-0501 has recently switched tactics and now targets hybrid cloud environments, expanding its strategy…
Infostealers Waltz Through macOS to Grab Crypto Wallets, Browser Creds
Ironically, Macs' lower risk profile may make them more susceptible to any given threat than the average Windows or Linux…
China’s APT41 Targets Taiwan Research Institute for Cyber Espionage
The state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and…
Don’t Let Your Domain Name Become a “Sitting Duck”
More than a million domain names -- including many registered by Fortune 100 firms and brand protection companies -- are…
CrowdStrike: ‘Content Validator’ bug let faulty update pass checks
CrowdStrike released a Preliminary Post Incident Review (PIR) on the faulty Falcon update explaining that a bug allowed bad data…
The Not-So-Secret Network Access Broker x999xx
Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain…