What are LOLBins? How to Detect Malicious Threats
LOLBin stands for “Living Off the Land Binaries,” tools that are pre-installed as part of an operating system. LOLBins are not malicious in themselves but…
Author: Cybernoz
Ex-data analyst stole company data in $2.5M extortion scheme
A North Carolina man was found guilty of extorting a D.C.-based technology company while still being employed as a data analyst contractor. While a Justice…
AstraZeneca Data Breach – LAPSUS$ Group Allegedly Claims Access to Internal Data
The notorious hacking collective LAPSUS$ has resurfaced, allegedly claiming responsibility for a significant data breach involving the multinational pharmaceutical and biotechnology company AstraZeneca. The threat…
Getting the Threat Model Right
When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it – because the malicious…
US, Germany, Canada disrupt botnets
Law enforcement agencies in the United States, Germany and Canada have carried out an operation to take down infrastructure used by four major botnets that…
Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager
Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager Pierluigi Paganini March 22, 2026 Oracle fixed a critical severity flaw, tracked as CVE-2026-21992, enabling unauthenticated…
Anthropic ban heralds new era of supply chain risk — with no clear playbook
“You need a full AI security solution,” he tells CSO, arguing that AI systems are dynamic, with models, data, and behaviors that change over time,…
PerfMon! What Is It Good For?
In his hit song “War,” Motown singer Edwin Starr asked a poignant question: “War, huh, yeah, what is it good for?” Well, from a purple…
VoidStealer malware steals Chrome master key via debugger trick
An information stealer called VoidStealer uses a new approach to bypass Chrome’s Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored…
DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
A new exploit kit for Apple iOS devices designed to steal sensitive data from is being wielded by multiple threat actors since at least November…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 89
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter New Payload ransomware –…
Your MFA isn’t broken — it’s being bypassed, and your employees can’t tell the difference
2. We trust session cookies too much Once MFA is completed, most organisations treat the resulting session as sacred. The user proved who they are,…