Security News

Styx Stealer Creator's OPSEC Fail Leaks Client List and Profit Details
2024-08-21 11:10

In what's a case of an operational security lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses. Styx Stealer, a derivative of the Phemedrone Stealer, is capable of stealing browser data, instant messenger sessions from Telegram and Discord, and cryptocurrency wallet information, cybersecurity company Check Point said in an analysis.

BreachForums v1 database leak is an OPSEC test for hackers
2024-07-24 04:00

The entire database for the notorious BreachForums v1 hacking forum was released on Telegram Tuesday night, exposing a treasure trove of data, including members' information, private messages,...

Meta reckons China's troll farms could learn proper OpSec from Russia's fake news crews
2023-08-30 00:58

Claims to have taken down two colossal networks, with 'Secondary Infektion' schooling 'Spamouflage'. Russia appears to be "better" at running online trolling campaigns aimed at pushing its...

North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder
2023-07-25 14:46

North Korean nation-state actors affiliated with the Reconnaissance General Bureau have been attributed to the JumpCloud hack following an operational security blunder that exposed their actual IP address. The intrusion directed against JumpCloud took place on June 22, 2023, as part of a sophisticated spear-phishing campaign that leveraged the unauthorized access to breach fewer than five customers and less than 10 systems in what's called a software supply chain attack.

JumpCloud hack linked to North Korea after OPSEC mistake
2023-07-24 17:12

A hacking unit of North Korea's Reconnaissance General Bureau was linked to the JumpCloud breach after the attackers made an operational security mistake, inadvertently exposing their real-world IP addresses. While North Korean state hackers are known for using commercial VPN services to mask their IP addresses and actual locations, during the JumpCloud attack, the VPNs they were using failed and exposed their location in Pyongyang while connecting to a victim's network.

Combatting OpSec threats to our COVID-19 vaccination efforts: What can we do?
2021-06-24 05:30

In this one, we'll dive into operations security threats to the supply chain. How are people threatening the vaccine supply chain?

Microsoft Details OPSEC, Anti-Forensic Techniques Used by SolarWinds Hackers
2021-01-21 15:25

Microsoft on Wednesday released another report detailing the activities and the methods of the threat actor behind the attack on IT management solutions firm SolarWinds, including their malware delivery methods, anti-forensic behavior, and operational security. In its latest report on the SolarWinds attack, which it tracks as Solorigate, Microsoft explains how the attackers got from the Sunburst malware to the Cobalt Strike loaders, and how they kept the components separated as much as possible to avoid being detected.

Baldr malware unpicked with a little help from crooks’ bad opsec
2019-08-06 13:00

New research from Sophos takes an exhaustive look at the Baldr password stealer.

Opsec Mistakes Allowed U.S. to Link North Korean Man to Hacks
2018-09-07 09:00

A 34-year-old North Korean national has been charged by U.S. authorities over his alleged involvement in the cyberattacks carried out by the Lazarus Group. An affidavit filed by an FBI special...

Security Compass expands support for OpSec, adding Microsoft Azure to its knowledge library
2018-09-06 18:29

Security Compass announced it has expanded on operational security (OpSec) requirements available in the SD Elements’ knowledge library, with support for Microsoft Azure and other application...