After leveraging a zero-day within a third-party app to compromise a BeyondTrust AWS account asset, attackers proceeded to exploit the asset to secure an infrastructure API key that was then utilized to control another AWS account for managing Remote Support infrastructure, according to BeyondTrust’s investigation.
Nearly 1,000 fake Reddit and WeTransfer pages are being used to spread Lumma Stealer malware, a Sekoia.io researcher reported this…
Phishing campaigns leveraging Cloudflare domains more than doubled between 2023 and 2024, Fortra revealed in a report published Monday. Cloudflare’s…
Ransomware criminals in 2024 stooped to new lows and high-level black hat trade craft. Targets included critical industries such as…
