Brickstone malware used to steal U.S. orgs’ data for over a year
Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S. organizations in the technology and...
Read more →Author: Cybernoz
New North Korean IT Worker With Innocent Job Application Get Access to Organization’s Network
In recent months, a sophisticated threat actor leveraging North Korean IT worker employment fraud has surfaced, demonstrating how social engineering...
Read more →
Attackers Bypass EDR by Using In-Memory PE Loaders Delivered via Malicious Downloads
Security researchers have discovered a wave of attacks that use in-memory PE loaders to slip past endpoint detection and response (EDR) systems....
Read more →
ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service
Cybersecurity researchers at Darktrace have identified a new botnet called ShadowV2 is structured as a DDoS-for-hire service, offering attackers an...
Read more →
SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399)
SolarWinds has fixed yet another unauthenticated remote code execution vulnerability (CVE-2025-26399) in Web Help Desk (WHD), its popular web-based IT...
Read more →
The Blind Spot Fueling Payment Skimmer Attacks
Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout...
Read more →
Jaguar Land Rover Cyberattack Halts Production Until Oct 1
Jaguar Land Rover (JLR) has announced an extension of its production shutdown until October 1, 2025, following a major cyberattack...
Read more →
PyPI urges users to reset credentials after new phishing attacks
The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index...
Read more →
Hackers Can Compromise Chromium Browsers in Windows by Loading Arbitrary Extensions
Chromium-based browsers, including Chrome, Edge, and Brave, manage installed extensions via JSON preference files stored under %AppData%GoogleUser DataDefaultPreferences (for domain-joined machines)...
Read more →
Geopolitical Cyber Threats in 2024: Navigating Emerging Risks with OSINT (Open-Source Intelligence)
Geopolitical tensions worldwide can have a foreseeable impact on an organisation’s physical operations, but they can also heighten the risk...
Read more →
Attackers Use Domain Fronting to Tunnel Malicious Traffic via Google Meet, YouTube and Chrome Update Servers
Attackers have discovered a way to exploit Google’s core services, Google Meet, YouTube, Chrome update servers and more using a...
Read more →
Hacks And Identity Theft Hit Harder Than Ever. Consumers Are Prime Targets.
24 Sep Hacks And Identity Theft Hit Harder Than Ever. Consumers Are Prime Targets. Posted at 08:52h in Blogs by...
Read more →