July 8, 2024 at 08:01AM Cybercriminals have evolved from traditional Living Off The Land (LOTL) attacks to Living Off the Cloud (LOTC) tactics, exploiting trusted cloud services’ APIs to remotely control botnets and conceal malicious activity. To mitigate these risks, organizations should adopt a zero-trust approach, control access to cloud services, implement granular activity control, … Read more
January 6, 2024 at 11:46AM Malware is exploiting an undocumented Google Chrome API to generate new authentication cookies from stolen ones. Multiple malware operations are using this technique to gain access to users’ Google accounts through the API, and Google has downplayed the severity of the issue. The company urges affected users to take precautionary … Read more
October 16, 2023 at 04:37AM Discord’s content delivery network (CDN) is being exploited by threat actors to distribute the Lumma Stealer malware, which steals user credentials. The malware is spread through direct messages, offering victims Discord Nitro boost in exchange for assistance and prompting them to download a file. Lumma Stealer can steal cryptocurrency wallets … Read more