Legacy Solutions Have Become a Cyber Defense Problem
The cyber defense community is at a crossroads that is magnified by cyber criminals’ adoption of AI and ransomware-as-a-service. With year-after-year of the IBM Cost…
Author: Cybernoz
Modular Malware Suite Sold by Threat Actors Through Public Storefront Domains
A threat actor operating under the moniker Cyber Products has established a public-facing storefront at cyberproducts[.]io to distribute their modular malware suite, dubbed Cyber Stealer.…
Hackers Abuse Microsoft 365 Direct Send to Deliver Internal Phishing Emails
A new Proofpoint report reveals how attackers are using Microsoft 365’s Direct Send and unsecured SMTP relays to send internal-looking phishing emails. The latest research…
‘Highly evasive’ Vietnamese-speaking hackers stealing data from thousands of victims in 62+ nations
Vietnamese-speaking hackers are carrying out a “highly evasive, multi-stage operation” to steal information from thousands of victims in more than 62 countries, researchers said in…
Proton fixes Authenticator bug leaking TOTP secrets in logs
Proton fixed a bug in its new Authenticator app for iOS that logged users’ sensitive TOTP secrets in plaintext, potentially exposing multi-factor authentication codes if the…
Claude Vulnerabilities Let Attackers Execute Unauthorized Commands With its Own Help
Two high-severity vulnerabilities in Anthropic’s Claude Code could allow attackers to escape restrictions and execute unauthorized commands. Most remarkably, Claude itself unwittingly assisted in developing…
Mind the Middle – Cyber Defense Magazine
In an era where digital threats can cripple a business overnight, where threat actors can use AI to customize and automate attacks at scale, and…
Surge in Threat Actor Exploitation Attempts Serves as Early Warning of Emerging Cyber Vulnerabilities
Researchers have discovered a continuous relationship between increases in threat actor activity and the eventual disclosure of new Common Vulnerabilities and Exposures (CVEs) in corporate…
Ransomware Attack on Phone Repair and Insurance Company Cause Millions in Damage
The sudden emergence of the Royal ransomware in early 2023 marked a significant escalation in cyber threats targeting service providers across Europe. Exploiting unpatched VPN…
Multifaceted Cyber-Attacks Require a Unified Defense Approach
Gone are the days of attacks hitting a single product or vulnerability. Today, we’re seeing the increasing use of multi-vector attacks and multi-stage approaches. For…
Details emerge on BlackSuit ransomware takedown
BlackSuit’s technical infrastructure was seized in a globally coordinated takedown operation last month that authorities touted as a significant blow in the fight against cybercrime.…
Threat Actors Using AI to Scale Operations, Accelerate Attacks and Attack Autonomous AI Agents
The cybersecurity landscape has witnessed an unprecedented evolution as threat actors increasingly weaponize artificial intelligence to amplify their attack capabilities and target the very AI…