Spyware Maker NSO Group Is Paving a Path Back Into Trump’s America
Other NSO-connected figures also have close Trump ties: Bryan Lanza, a partner at Mercury Public Affairs, which consulted for the company from 2020 to 2021,…
Month: April 2025
SideCopy APT Hackers Impersonate Government Officials to Deploy Open-Source XenoRAT Tool
The Pakistan-linked Advanced Persistent Threat (APT) group known as SideCopy has significantly expanded its targeting scope since late December 2024. Initially, the group focused on…
National Social Security Fund of Morocco Suffers Data Breach
National Social Security Fund of Morocco Suffers Data Breach Pierluigi Paganini April 09, 2025 Threat actor ‘Jabaroot’ claims breach of National Social Security Fund of…
The Logical Solution to the Civil Union vs. Marriage Debate
The answer is so simple that it may temporarily disorient you. Civil unions are a government function Marriage is a church function In other words,…
BadBazaar and Moonshine malware targets Taiwanese, Tibetan and Uyghur groups, U.K. warns
Two spyware variants are targeting Uyghur, Taiwanese and Tibetan groups and individuals, the U.K.’s National Cyber Security Centre warned in a joint alert Wednesday with…
Will Windows 10 leave enterprises vulnerable to zero-days?
One thing Microsoft has been very public about is Windows 10’s new strategy of releasing patches to update the operating system at different times for…
Police detains Smokeloader malware customers, seizes servers
In follow-up activity for Operation Endgame, law enforcement tracked down Smokeloader botnet’s customers and detained at least five individuals. During Operation Endgame last year, more…
Microsoft Exchange Admin Center Down Globally
Microsoft has confirmed a global outage affecting the Exchange Admin Center (EAC), leaving administrators unable to access critical management tools. The issue, which has been…
Russian APT Hackers Use Device Code Phishing Technique to Bypass MFA
Russian state-backed advanced persistent threat (APT) group Storm-2372 has exploited device code phishing to bypass multi-factor authentication (MFA) and infiltrate high-value targets across governments, NGOs,…
Microsoft’s April 2025 bumper Patch Tuesday corrects 124 bugs
Microsoft’s mighty bundle of 124 April fixes for Common Vulnerabilities and Exposures (CVEs) in its codebase includes 11 that are rated “critical” and two rated…
Hacking and Grinding: The Balance Between Passion and Self Control
I think a lot about what makes people successful, both in a general sense and also on an individual basis. The model I’ve been working…
Subdomain reconnaissance: enhancing a hacker’s EASM
External Attack Surface Management (EASM) is the continuous discovery, analysis, and monitoring of an organization’s public facing assets. A substantial part of EASM is the…