-
May 2, 2023
A new malware called LOBSHOT is being distributed through Google Ads by impersonating a legitimate remote management software, AnyDesk. The malware, analyzed by cybersecurity experts from Elastic Security Labs. is a remote access trojan that allows threat actors to take… read more »
-
Apr 29, 2023
In March and April 2023, cybersecurity firm TrendMicro discovered a new type of ransomware called Rapture that targets its victims using a minimalistic approach with tools that leave only a minimal footprint behind. This malware was found to have similarities… read more »
-
Apr 29, 2023
A new information stealer for Apple macOS, called Atomic macOS Stealer (AMOS), is being advertised on Telegram for $1,000 per month. According to a recent research from Cyble, the malware can steal various types of information from the victim’s machine,… read more »
-
Apr 26, 2023
Alloy Taurus, a Chinese nation-state group known for attacking telecom companies since at least 2012, has been found to be using a Linux variant of the PingPull backdoor and a new tool called Sword2033, according to cybersecurity company Palo Alto… read more »
-
Apr 25, 2023
North Korea-linked BlueNoroff APT group has been observed by security firm Jamf using a new macOS malware called RustBucket in recent attacks. The RustBucket malware allows operators to download and execute various payloads. The first-stage was contained within an unsigned… read more »
-
Apr 24, 2023
Several years ago, during a SANS course, I discovered TiddlyWiki for the first time. Since then, I have never stopped using it, despite its somewhat dated UI. TiddlyWiki is a highly versatile and customizable personal wiki that allows me to… read more »
-
Apr 21, 2023
Cybercriminals are using a new method called RBAC Buster to create persistent backdoor accounts on Kubernetes clusters and use their resources for Monero crypto-mining. The RBAC (Role-Based Access Control) system is used by admins to define which users or service… read more »
-
Apr 21, 2023
Google has fixed a security flaw called GhostToken that allowed attackers to backdoor Google Cloud Platform (GCP) users’ accounts using malicious OAuth applications installed from the Google Marketplace or third-party providers. According to a research by Astrix Security, after being… read more »