Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication
A critical security vulnerability has been identified in the ruby-saml library, a popular tool used for Single Sign-On (SSO) via...
Read more →Author: Cybernoz
Lazarus Hackers Exploiting IIS Servers to Deploy ASP-based Web Shells
Researchers have identified a series of sophisticated attacks by the notorious Lazarus group targeting South Korean web servers. The threat...
Read more →
A New Era of Attacks on Encryption Is Starting to Heat Up
Over the past decade, encrypted communication has become the norm for billions of people. Every day, Signal, iMessage, and WhatsApp...
Read more →
Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells
The notorious Lazarus group has been identified as leveraging compromised IIS servers to deploy malicious ASP web shells. These sophisticated...
Read more →
United States Charges Developer of LockBit Ransomware Group
Rostislav Panev, a 51-year-old dual Russian and Israeli national, has been extradited to the United States on charges related to...
Read more →
Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing Malware
Microsoft Threat Intelligence has identified an ongoing phishing campaign that began in December 2024, targeting organizations in the hospitality industry...
Read more →
Microsoft365 Themed Attack Leveraging OAuth Redirection for Account Takeover
Two sophisticated phishing campaigns were observed targeting Microsoft 365 users by exploiting OAuth redirection vulnerabilities combined with brand impersonation techniques. ...
Read more →
Decrypting Akira Ransomware on Linux/ESXi Without Paying Hackers
A team successfully decrypted an instance of the Akira ransomware on Linux/ESXi systems without succumbing to the hackers’ demands. This...
Read more →
Decrypting Linux/ESXi Akira Ransomware Files Without Paying Ransomware
A cybersecurity researcher has successfully broken the encryption used by the Linux/ESXI variant of the Akira ransomware, enabling data recovery...
Read more →
U.S. Charges LockBit Ransomware Developer in Cybercrime Crackdown
The U.S. Department of Justice has charged Rostislav Panev, a dual Russian and Israeli national, for his role as a...
Read more →
CISA Releases Security Advisory on 13 Industrial Control System Threats
CISA issued thirteen Industrial Control Systems (ICS) advisories, highlighting current security issues and vulnerabilities in various systems. These advisories are...
Read more →
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
Mar 14, 2025Ravie LakshmananSoftware Security / Cybercrime Users searching for pirated software are the target of a new malware campaign...
Read more →