Fake CrowdStrike job offer emails target devs with crypto miners
CrowdStrike is warning that a phishing campaign is impersonating the cybersecurity company in fake job offer emails to trick targets…
Ditch The Cloud Security Labels to Nail Detection and Response
Today’s cloud security categories don’t do practitioners any favors when it comes to identifying the key requirements for detection and…
Hackers abuse Avast anti-rootkit driver to disable defenses
A new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take…
Canadian Authorities Arrest Attacker Who Stole Snowflake Data
The suspect, tracked as UNC5537, allegedly bragged about hacking several Snowflake victims on Telegram, drawing attention to himself.
Massive SMS stealer campaign infects Android devices in 113 countries
A malicious campaign targeting Android devices worldwide utilizes thousands of Telegram bots to infect devices with SMS-stealing malware and steal…
French police push PlugX malware self-destruct payload to clean PCs
The French police and Europol are pushing out a "disinfection solution" that automatically removes the PlugX malware from infected devices…
Attackers Planted Millions of Imageless Repositories on Docker Hub
The purported metadata for each these containers had embedded links to malicious files.
Cybercriminals pose as LastPass staff to hack password vaults
LastPass is warning of a malicious campaign targeting its users with the CryptoChameleon phishing kit that is associated with cryptocurrency…
US Health Dept warns hospitals of hackers targeting IT help desks
The U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target…
Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs
The Water Hydra cyberattacker group is one adversary using the zero-days to get past built-in Windows protections.