It Looks Like a School Bathroom Smoke Detector. A Teen Hacker Showed It Could Be an Audio Bug
To hack the Halo 3C, they found that if they could connect to one over the network it was installed on, they could brute-force guess…
Author: Cybernoz
VexTrio TDS Deploys Malicious VPN Apps on Google Play and App Store
VexTrio, a sophisticated threat actor known for operating a massive traffic distribution system (TDS), has expanded its malicious activities by deploying fake VPN applications on…
RubyGems Malware Attack Weaponizes 60+ Packages to Steal Credentials from Social Media and Marketing Tools
Threat actors began slipping malicious code into legitimate RubyGems packages, disguising infostealers as social media automation tools in early 2023. Over the past two years,…
Saas Security Best Practices – Cyber Defense Magazine
Software as a Service (SaaS) is the prevalent software distribution model in the tech industry. Whether you are a young startup founder or a mature…
PyPI Released Advisory to Prevent ZIP Parser Confusion Attacks on Python Package Installers
In recent months, security researchers have uncovered a novel attack vector targeting Python package installers through ambiguities in the ZIP archive format. By exploiting discrepancies…
Future-Proofing SMBs With Managed Security Services
08 Aug Future-Proofing SMBs With Managed Security Services Posted at 08:04h in Blogs by Taylor Fox This week in cybersecurity from the editors at Cybercrime…
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes
A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging,…
US Confirms Shutdown of BlackSuit Ransomware That Hacked Over 450 Organizations
U.S. authorities have announced the successful dismantling of the BlackSuit ransomware operation, a notorious group linked to attacks on more than 450 organizations worldwide. The…
Record-Breaking GreedyBear Attack Uses 650 Hacking Tools to Steal $1M from Victims
The threat actor group dubbed GreedyBear has orchestrated an industrial-scale operation blending malicious browser extensions, executable malware, and phishing infrastructure to siphon over $1 million…
150 Fake Crypto Wallet Extensions Found on Firefox Marketplace
A sophisticated and large-scale cybercrime campaign, named GreedyBear, has been exposed for stealing at least a million dollars from cryptocurrency users. The research, carried out…
What Attackers Are Doing With Them
When an organization’s credentials are leaked, the immediate consequences are rarely visible—but the long-term impact is far-reaching. Far from the cloak-and-dagger tactics seen in fiction,…
Microsoft 365 apps to soon block file access via FPRPC by default
Microsoft has announced that the Microsoft 365 apps for Windows will start blocking access to files via the insecure FPRPC legacy authentication protocol by default…