Secure Cyber Labs | Cybersecurity Resources by DrewNet Cybersecurity

The Akira ransomware group has been experimenting with new tools, bugs, and attack surfaces, with demonstrated success in significant sectors. ​ ​ ​Read More

A public dataset and platform-agnostic analysis tool aim to help organizations in the fight against Apple-targeted malware, which researchers say has lacked proper attention. ​ ​ ​Read More

A kitchen-sink approach to building containers has loaded many with vulnerabilities. A handful of companies are trying to slim them down to address the issue. ​ ​ ​Read More

A self-replicating attack led to a tidal wave of malicious packages in the NPM registry, targeting tokens for the tea.xyz protocol. ​ ​ ​Read More

The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads. “The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host and deliver malware from trojanized code projects, with the lure,” NVISO…

Amazon Web Services VP Sara Duffer highlights the top lessons she brought back to her security role after taking part in Amazon’s shadow program. ​ ​ ​Read More

A Russian-speaking threat behind an ongoing, mass phishing campaign has registered more than 4,300 domain names since the start of the year. The activity, per Netcraft security researcher Andrew Brandt, is designed to target customers of the hospitality industry, specifically hotel guests who may have travel reservations with spam emails. The campaign is said to…

In 2025, employees are still using weak passwords. Instead of forcing an impossible change, security leaders are working around the problem. ​ ​ ​Read More

Post Content ​ ​ ​Read More

South America’s largest country is notorious for banking malware attacks; Maverick self-terminates if its targeted user is based outside Brazil. ​ ​ ​Read More