Multifactor authentication (MFA) stands as a stalwart defence in today’s cybersecurity landscape. Yet, despite its efficacy, MFA is not impervious to exploitation. Recognizing the avenues through which hackers bypass these defences is crucial for fortifying cybersecurity measures.

Legitimate applications can unwittingly become conduits for malware execution. This is also the case for recent malware loaders which abuse GoTo Meeting, an online meeting software, to deploy Remcos RAT. Their lures include porn downloads, software setup files as well as tax forms with file names in Russian and English language.

Infostealers are one of the most lucrative types of malware employed by criminals. And because this is a tried and tested approach, there are still new players entering this illegal game. The new kid on the block is called "Sharp Stealer", and one of its favourite targets are gamers.

Many people make banking transactions online now. And since mobile devices are one of the most popular and convenient ways to shop and make payments, criminals are naturally drawn to this. A current example of a malware that specifically targets online banking shows how easy it is to fall for malware.

RisePro resurfaces with new string encryption and a bloated MSI installer that crashes reversing tools like IDA. The "gitgub" campaign already sent more than 700 archives of stolen data to Telegram.

At the end of January, a database with an allegedly unprecedented amount of personal information of billions of people appeared online. What does that mean for every one of us? What are the ramifications? Or is it all “more bark than bite”?