From fake Chrome download pages spreading SpyNote malware to stealthy attacks on Fortinet devices and dangling DNS exploits, cyber criminals are getting creative. Meanwhile, Volt Typhoon shows China’s long game in infiltrating U.S. infrastructure. This episode dives into the hidden threats lurking behind legitimate facades.
Read MoreFrom fake toll smishing attacks and job scam malware to tax-themed phishing and compromised npm packages, cybercriminals are pulling out all the psychological stops. This episode exposes how attackers prey on urgency, trust, and tax season chaos to deploy malware like BeaverTail, Tropidoor, and Remcos. Tune in to learn how to spot the tricks before they drain your data—or your crypto wallet.
Read MoreThis week we talk about [00:36] a new banking/crypto trojan stealing credentials and taking over phones, then [11:21] a new dropper malware that uses a bunch of techniques to avoid detection, then [18:18] how hackers stealing malchimp sessions and using it for phishing and finally [23:12] FireFox and Chrome have a serious vulnerability currently being exploited.
Read MoreThis week we talk about [00:36] We talk about a new Remote Access Trojan (RAT) that uses Telegram as it’s command and control server, then [07:56] we talk about how DigiCert made a mistake and needed to revoke certificates and the chaos that causes, but why it’s needed, then [16:21] we talk about how criminals once again are utilizing CloudFlare’s free tunnel service to once again get around security controls and compromise systems and finally [22:44] how the rise of fake profiles on LinkedIN are being used to gain information that could be used again you.
Read MoreThis week we talk about [00:36] how Citrix is warning its customers to be aware of this integrated third party tool, then [07:55] we finally learn the identity of the main member of LockBit, Then we talk about [14:04] Dell had one of their sites…
Read MoreThis week we talk about [00:36] how a major player in the website protection game, get’s hacked, [09:13] A Russian hacker group is using vulnerabilites from December to gain access to your account, [16:20] Mastadon has a critical vulnerability, can…
Read MoreThis week we talk about [00:36] an Outlook vulnebility that leaks a hashed password to places it shouldn’t, then [06:32] The US government doesn’t need warrants for your information they just pay data brokers, [13:58] The NoName…
Read MoreOn my return for 2024, we talk about [00:36] how a Russia backed group hacked Microsoft’s top leaders email account, [09:25] VMWare sounds the alarm about their latest critical vCenter vulnerability that’s currently being used in attacks, [16:00] How…
Read MoreThis week we talk about [00:36] ownCloud let’s it users know it’s found 3 critical vulnerabilites in some of it’s software, [06:57] A school app based in India was leaking personal student data due to misconfiguration, [12:15] Microsoft takes a…
Read MoreThis week we talk about [00:36] We talk about how some security researchers were able to extract a RSA key from signing errors, [07:27] How a now defunt shadowy hack-for-hire group was behind a bunch of attacks, [15:11] Vulnerabilities in some AL and…
Read More
Recent Comments