Publishers Spotlight: SquareX
I was thrilled to catch up with SquareX during Black Hat USA 2024. SquareX is a cybersecurity startup that specializes…
Junkyard Gem: 1984 Mitsubishi Montero Sport
Mitsubishi first began selling Cordias, Tredias, Starions and Trucks in the United States for the...
Cybercrime Rapper Sues Bank over Fraud Investigation
In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime lifestyle. That story…
China’s APT41 Targets Taiwan Research Institute for Cyber Espionage
The state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and…
Is your password policy working? Key cybersecurity KPIs to measure
Are your password policies having a positive impact on the cybersecurity posture of your org? Learn more from Specops Software…
Misconfigured Selenium Grid servers abused for Monero mining
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool…
Feds Warn of North Korean Cyberattacks on US Critical Infrastructure
The Andariel group is targeting critical defense, aerospace, nuclear, and engineering companies for data theft, the FBI, NSA, and others…
French police push PlugX malware self-destruct payload to clean PCs
The French police and Europol are pushing out a "disinfection solution" that automatically removes the PlugX malware from infected devices…
Chinese hackers deploy new Macma macOS backdoor version
The Chinese hacking group tracked as 'Evasive Panda' was spotted using new versions of the Macma backdoor and the Nightdoor…
Fake CrowdStrike repair manual pushes new infostealer malware
CrowdStrike is warning that a fake recovery manual to repair Windows devices is installing a new information-stealing malware called Daolpu.…