Finding Minhook in a sideloading attack – and Sweden too
Multifaceted changes in TTPs illustrate what researchers see when they start digging
Similar Posts
Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
Bys sTim Starks reports: A hacker working on behalf of the Sinaloa drug cartel infiltrated cameras and phones to track an FBI official in Mexico investigating the drug lord El Chapo, then used data from that surveillance to kill and intimidate potential sources and witnesses the agent was meeting with, a Justice Department watchdog report revealed….
NYDFS Secures $2 Million Cybersecurity Settlement with Healthplex, Inc.
Bys sThere is an update to a phishing incident in 2021 that impacted more than 89,000 people with Healthplex dental insurance. DataBreaches notes that the NYDFS settlement announced below is not the first settlement stemming from this incident. In December 2023, the NY Attorney General’s Office announced a $400,000 settlement with Healthplex. Both the 2023 and……
The Death of the Security Checkbox: BAS Is the Power Behind Real Defense
Bys sSecurity doesn’t fail at the point of breach. It fails at the point of impact. That line set the tone for this year’s Picus Breach and Simulation (BAS) Summit, where researchers, practitioners, and CISOs all echoed the same theme: cyber defense is no longer about prediction. It’s about proof. When a new exploit drops, scanners…
Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems
Bys sThreat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy malware called DripDropper. But in an unusual twist, the unknown attackers have been observed patching the exploited vulnerability after securing initial access to prevent further exploitation by other adversaries and evade detection, Red…
No need to hack when it’s leaking: Brandt Kettwick Defense edition
Bys sA recent survey of 500 U.S. law firms by Proton reported that one in five law firms were targeted in a cyberattack in the past year, and 8% of law firms (39% of those who reported a cyberattack) reported losing data or suffering exposure. To make matters even worse, Proton found that 65% weren’t familiar with…
Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell
Bys sCybersecurity researchers have discovered what they say is the earliest example known to date of a malware with that bakes in Large Language Model (LLM) capabilities. The malware has been codenamed MalTerminal by SentinelOne SentinelLABS research team. The findings were presented at the LABScon 2025 security conference. In a report examining the malicious use of…