Cloud engineer gets 2 years for wiping ex-employer’s code repos
Miklos Daniel Brody, a cloud engineer, was sentenced to two years in prison and a restitution of $529,000 for wiping the code repositories of his…
Month: December 2023
Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware
North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability (CVE-2021-44228) and novel malware written in DLang (i.e., the memory-safe D programming language). “This…
Hackers Planting Credit Card Skimmers Using Google Tag Manager
Recently, it has been reported that Magecart Veteran ATMZOW has found 40 new domains of Google Tag Manager. As a result, thousands of websites have…
Recruiters, beware of cybercrooks posing as job applicants!
Recruiters are being targeted via spear-phishing emails sent by cybercrooks impersonating job applicants, Proofpoint researchers are warning. “The tone and content of the emails suggest…
Stealing Browser Passwords & Cookies
A new malicious campaign, Editbot Stealer, was discovered in which threat actors use WinRAR archive files with minimal detection to perform a multi-stage attack. Threat…
Toyota Ransomware Attack Exposes Customers Personal Data
Toyota Financial Services (TFS) notifies customers after a data breach that exposed personal and sensitive financial information. In a limited number of locations, including Toyota…
The sound of you typing on your keyboard could reveal your password
As if password authentication’s coffin needed any more nails, researchers in the UK have discovered yet another way to hammer one in. The technique, developed…
Non-Human Access is the Path of Least Resistance: A 2023 Recap
Dec 12, 2023The Hacker NewsCybersecurity / GenAI Security 2023 has seen its fair share of cyber attacks, however there’s one attack vector that proves to…
Info Stealer Targeting Social Media Users
A new menace has emerged on the dark web— the Editbot stealer. Recently discovered by Cyble Research and Intelligence Labs (CRIL), this Python-based information stealer…
“Pool Party” process injection techniques evade EDRs
SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows systems. Dubbed “Pool Party” because…
New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam
Dec 12, 2023NewsroomCryptocurrency / Cyber Attack A phishing campaign has been observed delivering an information stealer malware called MrAnon Stealer to unsuspecting victims via seemingly…
What Is CloudSecOps? – Definition, Types & Best Practices Guide
Cloud security is becoming a central part of any organization’s cybersecurity strategy. However, in most organizations, the teams managing cloud operations work separately from those…