April 30, 2023 Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram These malware peddlers are specifically going after Mac users. The hint's in the name: "Atomic macOS Stealer", or AMOS for short. Naked Security
April 28, 2023 Google wins court order to force ISPs to filter botnet traffic CryptBot criminals are alleged to have plundered browser passwords, illicitly-snapped screenshots, cryptocurrency account data, and more. Naked Security
April 27, 2023 S3 Ep132: Proof-of-concept lets anyone hack at will When Doug says, "Happy Remote Code Execution Day, Duck"... it's irony. For the avoidance of all doubt :-) Naked Security
April 27, 2023 Update 2: Increased exploitation of PaperCut drawing blood around the Internet A recent remote code execution (RCE) vulnerability is increasingly in use to deliver Cobalt Strike and other remote management software, along with multiple ransomware threats – what you need to know about CVE-2023-27350 (and now CVE-2023-39143 Security Operations
April 26, 2023 Google leaking 2FA secrets – researchers advise against new “account sync” feature for now You waited 13 years for this feature in Google Authenticator. Now researchers are advising you to wait a while longer, just in case... Naked Security
April 25, 2023 PaperCut security vulnerabilities under active attack – vendor urges customers to patch If you have the product, but you haven't patched - well, the crooks have now landed, so please don't delay. Do it today... Naked Security
April 25, 2023 Everything Everywhere All At Once: The 2023 Active Adversary Report for Business Leaders A deep dive into over 150 incident-response cases reveals both attackers and defenders picking up the pace Threat Research
April 24, 2023 Double zero-day in Chrome and Edge – check your versions now! Wouldn't it be handy if there were a single version number to check for in every Chromium-based browser, on every supported platform? Naked Security
April 21, 2023 VMware patches break-and-enter hole in logging tools: update now! You know jolly well/What we're going to say/And that's "Do not delay/Simply do it today." Naked Security