CyberSecure Specialist

26 Nov

Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’

Information, Insights

A prolific cybercriminal group that calls itself “Scattered LAPSUS$ Hunters” has dominated headlines this year by regularly stealing data from and publicly mass extorting dozens of major corporations. But the tables seem to have turned somewhat for “Rey,” the moniker chosen by the technical operator and public face of the hacker group: Earlier this week, Rey confirmed his real life identity and agreed to an interview after KrebsOnSecurity tracked him down and contacted his father.…

Read More
26 Nov

MDR is the answer – now, what’s the question?

Information

Business Security Why your business needs the best-of-breed combination of technology and human expertise Steven Connolly 24 Nov 2025  •  , 4 min. read When I was in my mid-teens, I decided to get a job in a small local garage to learn how to maintain cars in preparation for owning my own. Years later, I was fortunate enough to have a company car. One day, it indicated that the oil was low and needed…

Read More
24 Nov

Is Your Android TV Streaming Box Part of a Botnet?

Information, Insights

On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-view and streaming services like Netflix, ESPN and Hulu, all for a one-time fee of around $400. But security experts warn these TV boxes require intrusive software that forces the user’s network to relay Internet traffic for others, traffic that is often tied to cybercrime activity…

Read More
24 Nov

​​Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications​

Attacks, Insights, Malware

CISA is aware of multiple cyber threat actors actively leveraging commercial spyware to target users of mobile messaging applications (apps).1 These cyber actors use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim’s messaging app, facilitating the deployment of additional malicious payloads that can further compromise the victim’s mobile device.   These cyber actors use tactics such as: Phishing and malicious device-linking QR codes to compromise victim accounts…

Read More
21 Nov

The OSINT playbook: Find your weak spots before attackers do

Information

Here’s how open-source intelligence helps trace your digital footprint and uncover your weak points, plus a few essential tools to connect the dots Mario Micucci 20 Nov 2025  •  , 5 min. read Whatever the reason, we spend vast amounts of time online, tapping into the untold expanse of information, communication and resources. Sometimes, the challenge isn’t finding some data, but knowing what’s relevant, real and worth trusting. Anyone working with information needs to be…

Read More
21 Nov

PlushDaemon compromises network devices for adversary-in-the-middle attacks

Information

ESET researchers provide insights into how PlushDaemon performs adversary-in-the-middle attacks using a previously undocumented network implant that we have named EdgeStepper, which redirects all DNS queries to an external, malicious hijacking node, effectively rerouting the traffic from legitimate infrastructure used for software updates to attacker-controlled infrastructure. Key points in this blogpost: We analyzed the network implant EdgeStepper to understand how PlushDaemon attackers compromise their targets. We provide an analysis of LittleDaemon and DaemonicLogistics, two downloaders…

Read More
20 Nov

Mozilla Says It’s Finally Done With Two-Faced Onerep

Information, Insights

In March 2024, Mozilla said it was winding down its collaboration with Onerep — an identity protection service offered with the Firefox web browser that promises to remove users from hundreds of people-search sites — after KrebsOnSecurity revealed Onerep’s founder had created dozens of people-search services and was continuing to operate at least one of them. Sixteen months later, however, Mozilla is still promoting Onerep. This week, Mozilla announced its partnership with Onerep will officially…

Read More
19 Nov

The Cloudflare Outage May Be a Security Roadmap

Information, Insights

An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet’s top destinations offline. Some affected Cloudflare customers were able to pivot away from the platform temporarily so that visitors could still access their websites. But security experts say doing so may have also triggered an impromptu network penetration test for organizations that have come to rely on Cloudflare to block many types of abusive and malicious traffic. At around 6:30 EST/11:30 UTC…

Read More
19 Nov

CISA Releases Guide to Mitigate Risks from Bulletproof Hosting Providers

Attacks, Insights, Malware

Today, Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the U.S. National Security Agency, U.S. Department of Defense Cyber Crime Center, U.S. Federal Bureau of Investigation, and international partners, released the guide Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers to help Internet Service Providers (ISPs) and network defenders mitigate cybercriminal activity enabled by Bulletproof Hosting (BPH) providers. A BPH provider is an internet infrastructure provider that knowingly leases infrastructure to cybercriminals. These providers…

Read More
19 Nov

What if your romantic AI chatbot can’t keep a secret?

Information

Does your chatbot know too much? Here’s why you should think twice before you tell your AI companion everything. Phil Muncaster 17 Nov 2025  •  , 4 min. read In the movie “Her” the film’s hero strikes up an ultimately doomed romantic relationship with a sophisticated AI system. At the time of its release in 2013, such a scenario was firmly in the realms of science fiction. But with the emergence of generative AI (GenAI)…

Read More