Phishing-as-a-service operation uses DNS-over-HTTPS for evasion
A newly discovered phishing-as-a-service (PhaaS) operation that researchers call Morphing Meerkat, has been using the DNS over HTTPS (DoH) protocol to…
Telegram captcha tricks you into running malicious PowerShell scripts
Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that…
Biden’s Cybersecurity EO Leaves Trump a Comprehensive Blueprint for Defense
New order mandates securing the federal software supply chain and communications networks, as well as deploying AI tools to protect…
MikroTik botnet uses misconfigured SPF DNS records to spread malware
A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and…
Malicious ads push Lumma infostealer via fake CAPTCHA pages
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run…
Sitting Ducks DNS attacks let hackers hijack over 35,000 domains
Threat actors have hijacked more than 35,000 registered domains in so-called Sitting Ducks attacks that allow claiming a domain without…
Don’t Let Your Domain Name Become a “Sitting Duck”
More than a million domain names -- including many registered by Fortune 100 firms and brand protection companies -- are…
Chinese Forced-Labor Ring Sponsors Football Clubs, Hides Behind Stealth Tech
An illegal gambling empire fueled by modern-day slavery is being propped up by high-profile sponsorships — and defended with sophisticated…
Revolver Rabbit gang registers 500,000 domains for malware campaigns
A cybercriminal gang that researchers track as Revolver Rabbit has registered more than 500,000 domain names for infostealer campaigns that…
Muddling Meerkat hackers manipulate DNS using China’s Great Firewall
A new cluster of activity tracked as "Muddling Meerkat" is believed to be linked to a Chinese state-sponsored threat actor's manipulation…