Security News

In what's a case of an operational security lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses. Styx Stealer, a derivative of the Phemedrone Stealer, is capable of stealing browser data, instant messenger sessions from Telegram and Discord, and cryptocurrency wallet information, cybersecurity company Check Point said in an analysis.

The entire database for the notorious BreachForums v1 hacking forum was released on Telegram Tuesday night, exposing a treasure trove of data, including members' information, private messages,...

Claims to have taken down two colossal networks, with 'Secondary Infektion' schooling 'Spamouflage' Russia appears to be "better" at running online trolling campaigns aimed at pushing its...

North Korean nation-state actors affiliated with the Reconnaissance General Bureau have been attributed to the JumpCloud hack following an operational security blunder that exposed their actual IP address. The intrusion directed against JumpCloud took place on June 22, 2023, as part of a sophisticated spear-phishing campaign that leveraged the unauthorized access to breach fewer than five customers and less than 10 systems in what's called a software supply chain attack.

A hacking unit of North Korea's Reconnaissance General Bureau was linked to the JumpCloud breach after the attackers made an operational security mistake, inadvertently exposing their real-world IP addresses. While North Korean state hackers are known for using commercial VPN services to mask their IP addresses and actual locations, during the JumpCloud attack, the VPNs they were using failed and exposed their location in Pyongyang while connecting to a victim's network.

In this one, we'll dive into operations security threats to the supply chain. How are people threatening the vaccine supply chain?

Microsoft on Wednesday released another report detailing the activities and the methods of the threat actor behind the attack on IT management solutions firm SolarWinds, including their malware delivery methods, anti-forensic behavior, and operational security. In its latest report on the SolarWinds attack, which it tracks as Solorigate, Microsoft explains how the attackers got from the Sunburst malware to the Cobalt Strike loaders, and how they kept the components separated as much as possible to avoid being detected.

New research from Sophos takes an exhaustive look at the Baldr password stealer.

A 34-year-old North Korean national has been charged by U.S. authorities over his alleged involvement in the cyberattacks carried out by the Lazarus Group. An affidavit filed by an FBI special...

Security Compass announced it has expanded on operational security (OpSec) requirements available in the SD Elements’ knowledge library, with support for Microsoft Azure and other application...