AMOS Stealer Revamped to Serve as a Fully Undetected macOS Threat
Summary: A new version of AMOS Stealer specifically targeting macOS has emerged, effectively evading detection and exploiting system vulnerabilities to exfiltrate sensitive data. This malware circumvents macOS Gatekeeper through user interaction and is designed to steal credentials, cryptocurrency information, and personal files. Security researcher Tonmoy Jitu has detailed its evasion techniques and functionality in a comprehensive analysis.…
Unveiled the Threat Actors
This article explores various threat actors known for their significant cyber attacks, detailing their origins, techniques, and famous hacks. It categorizes these actors by their affiliations, such as state-sponsored and financially motivated groups, providing insight into their behaviors and methodologies. Affected: Government networks, financial institutions, healthcare, energy sector, retail, hospitality, media, technology, and more.…
Tempted to Classifying APT Actors: Practical Challenges of Attribution in the Case of Lazarus’s Subgroup
The article discusses the evolution of the Lazarus group, indicating that it has now transformed into a collection of subgroups rather than a single entity. It emphasizes the importance of understanding these subgroups, their tactics, and their individual characteristics for effective cyber defense strategies. Affected: Japan, cryptocurrency sector, defense industry, aviation industry

Key points:

The term “Lazarus” has evolved from a singular APT group to multiple subgroups.…
Shedding Light on the ABYSSWORKER Driver – Elastic Security Labs
The article discusses a financially motivated cybercriminal campaign utilizing a malicious driver known as ABYSSWORKER, which disables endpoint detection and response systems to deploy MEDUSA ransomware. This driver exploits revoked certificates and incorporates various evasion techniques against EDR systems while showcasing its capabilities to manipulate processes and files.…

Summary: The video discusses the importance of securing company data on unmanaged apps and devices, highlighting that traditional access management (AM) and mobile device management (MDM) solutions fall short. 1Password introduces Extended Access Management as a solution. Additionally, the video previews the Identiverse 2025 event and covers current enterprise security news, including funding rounds, cyber incidents, and the challenges of integrating AI into security operations.…
Fake Hiring Challenge for Developers Steals Sensitive Data
Summary: Cyble threat intelligence researchers have identified a malicious GitHub repository posing as a coding challenge that lures developers into downloading a data-stealing backdoor. Targeting Polish-speaking developers, the campaign employs unique methods including using a social media profile for command and control (C&C) activities and geofencing to limit execution.…
The Crazy Hunter ransomware attack exploited Active Directory misconfigurations and utilized Bring-Your-Own-Vulnerable-Driver (BYOVD) techniques to escalate privileges and distribute ransomware through Group Policy Objects. Despite claims of data exfiltration, forensic investigations found no supporting evidence. This attack resulted in significant operational disruptions and highlighted the importance of proactive threat intelligence in cybersecurity.…
SQL Injection Exploitation Made Easy: A Practical Guide to SQLMAP
SQL Injection remains a significant vulnerability in web applications, allowing attackers to compromise databases. This guide introduces SQLMAP, a robust tool that automates the detection and exploitation of SQL Injection vulnerabilities through practical examples. Key topics include types of SQL Injection, commands for using SQLMAP effectively, and methods for bypassing security measures like Web Application Firewalls.…
Summary: Cybersecurity researcher Vitaly Simonovich demonstrated that it is alarmingly easy to bypass safety features in ChatGPT and similar LLM chatbots to produce malware. By engaging in role-play scenarios, he managed to get the AI to create malware capable of breaching Google Chrome’s Password Manager. This raises concerns about the growing threat landscape as generative AI tools become more accessible to potential cybercriminals.…
Part 2: Validating the Breach Oracle Cloud Denied – CloudSEK’s Follow-Up Analysis
On March 21, 2025, a user claimed to have accessed Oracle Cloud’s login servers, selling sensitive data, including authentication credentials. CloudSEK authenticated the data, warning the community of potential supply chain attacks. Oracle denied any breach, but CloudSEK’s investigation confirmed the exposure of real customer data linked to the compromised servers.…
How to Balance Password Security Against User Experience
Summary: This article discusses the importance of balancing robust password security with a seamless user experience (UX), highlighting how excessive user friction can lead to risky behaviors. It provides effective strategies, such as using passphrases and offering dynamic feedback, to improve usability while maintaining security. Ultimately, the piece emphasizes that achieving this balance is essential for enhancing cybersecurity without compromising user satisfaction.…
⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
Summary: Recent cyber threats highlight vulnerabilities in open-source tools, escalating ad fraud through mobile apps, and advanced ransomware tactics targeting critical defenses. Notably, attacks have leveraged AI, and a supply chain breach at Coinbase exemplifies these risks. A rise in stolen credentials further underscores the urgent need for improved cybersecurity measures.…
Don’t Click! Fake Chat Used in Meta Business Account Phishing
Summary: A sophisticated phishing campaign targeting Meta/Instagram users has emerged, using fake emails and deceptive chatbots to exploit fears of account suspension. Victims are lured into providing sensitive information through a convincing counterfeit support system. This campaign emphasizes the need for users to remain vigilant and skeptical regarding unsolicited communications.…
The Art of Wi-Fi Hacking & Protection with Aircrack-ng
This article provides a comprehensive guide on hacking and securing Wi-Fi networks using Aircrack-ng, detailing practical attack techniques and encryption vulnerabilities, as well as prevention strategies. The focus is on educating users about Wi-Fi security to help them protect their networks from potential attacks. Affected: Wi-Fi networks, cybersecurity sector

Key points:

Wi-Fi security is critical for protecting against cyber threats.…
South Korean Organizations Targeted by Cobalt Strike Cat Delivered by a Rust Beacon
Hunt researchers exposed a web server hosting tools linked to an intrusion campaign against South Korean organizations. The server, online for less than 24 hours, contained a Rust-compiled Windows executable that deployed Cobalt Strike Cat along with several other open-source tools. The attacker appears to have focused on exploiting vulnerabilities in government and commercial entities.…