Biztonsági szemle

Android remote access trojan SpyNote has been deployed through fraudulent Google Play websites on newly registered domains as part of a new attack campaign, reports Infosecurity Magazine.

Targeted cyberattacks were discovered by Darktrace researchers to have been obscured by threat actors through spam bombing attacks against email systems, according to SiliconAngle.

Atomic, Exodus wallets subjected to malicious npm package attack Attackers have been looking to compromise users of the Atomic and Exodus cryptocurrency wallets through the new "pdf-to-office" npm package spoofing a PDF to Microsoft Word document...

BleepingComputer reports that trojanized removable drives have been harnessed by the Russian state-sponsored threat operation Gamaredon, also known as Shuckworm, to distribute a new GammaSteel information-stealing malware variant in an attack...

Moroccan cybercrime operation Atlas Lion which sets its sights on major retailers, restaurants, and other gift card-giving organizations has been integrating their virtual machines into targeted entities' cloud domains via breached credentials to...

At CyberArk IMPACT 25, former CISA director Jen Easterly warns that without intelligent identity systems, AI-fueled cyberattacks will outpace defenses.

Domain controllers were breached in more than 78% of human-operated cyberattacks, warned Microsoft.

EC2 instance metadata can include sensitive information such as IAM role credentials.

Gladinet's platform is widely used among managed service providers, and a critical deserialization flaw could put MSP customers in jeopardy.

Managing permissions and authorizations across dozens or hundreds of cloud services and platforms poses significant headaches for companies. An open specification aims to change that.