Lapsus$ hackers took SIM-swapping attacks to the next level
The U.S. government released a report after analyzing simple techniques, e.g. SIM swapping, used by the Lapsus$ extortion group to…
MoustachedBouncer hackers use AiTM attacks to spy on diplomats
A cyberespionage group named 'MoustachedBouncer' has been observed using adversary-in-the-middle (AitM) attacks at ISPs to hack foreign embassies in Belarus.…
Heard At RSAC 2023 – Protecting the Protectors
Some Personal Risks to Individual Cybersecurity Practitioners Are Elevated Because Of The Work They Do. Is It Time for Workplace…
Heard At RSAC 2023 – Protecting the Protectors
Some Personal Risks to Individual Cybersecurity Practitioners Are Elevated Because Of The Work They Do. Is It Time for Workplace…
New PaperCut critical bug exposes unpatched servers to RCE attacks
PaperCut recently fixed a critical security vulnerability in its NG/MF print management software that allows unauthenticated attackers to gain remote code…
Google explains how Android malware slips onto Google Play Store
The Google Cloud security team acknowledged a common tactic known as versioning used by malicious actors to slip malware on…
Fake FlipperZero sites promise free devices after completing offer
A site impersonating Flipper Devices promises a free Flipper Zero after completing an offer but only leads to shady browser…
Russian hackers target govt orgs in Microsoft Teams phishing attacks
Microsoft says a hacking group tracked as APT29 and linked to Russia's Foreign Intelligence Service (SVR) targeted dozens of organizations…
Threat actors abuse Google AMP for evasive phishing attacks
Security researchers are warning of increased phishing activity that abuses Google Accelerated Mobile Pages (AMP) to bypass email security measures…
P2PInfect server botnet spreads using Redis replication feature
Threat actors are actively targeting exposed instances of the Redis open-source data store with a peer-to-peer self-replicating worm with versions…