Clouded judgement: Resilience, risk and the rise of repatriation
When Amazon Web Services (AWS) launched its cloud services in 2006, it offered a utopian computing vision of agility, cost-efficiency and freedom from clunky legacy…
Author: Cybernoz
Stealthy backdoor found hiding in SOHO devices running Linux
SecurityScorecard’s STRIKE team has uncovered a network of compromised small office and home office (SOHO) devices they’re calling LapDogs. The threat is part of a…
Windows Snipping Tool Now Lets Users Export Captures as GIFs
Microsoft has rolled out a significant update to its popular Snipping Tool, introducing the ability to export screen recordings as animated GIFs—a feature long requested…
Medical device cyberattacks push hospitals into crisis mode
22% of healthcare organizations have experienced cyberattacks that directly impacted medical devices, according to RunSafe Security. Three-quarters of these incidents disrupted patient care, including 24%…
Amazon EKS Vulnerabilities Exposes Sensitive AWS Credentials and Escalate Privileges
Summary 1. Overprivileged containers can steal AWS credentials by targeting the 169.254.170.23:80 endpoint through packet sniffing and API spoofing attacks. 2. Attackers use tcpdump to…
Critical Meshtastic Flaw Allows Attackers to Decrypt Private Messages
A severe cryptographic vulnerability in the popular open-source Meshtastic project allows attackers to decrypt private messages and hijack nodes across LoRa mesh networks. This flaw…
Review: Redefining Hacking – Help Net Security
Redefining Hacking takes a look at how red teaming and bug bounty hunting are changing, especially now that AI is becoming a bigger part of…
NCSC Warns of ‘UMBRELLA STAND’ Malware Attacking Fortinet FortiGate Firewalls
The UK’s National Cyber Security Centre (NCSC) has issued a critical warning about a sophisticated malware campaign dubbed “UMBRELLA STAND” that specifically targets internet-facing Fortinet…
Amazon EKS Flaws Expose AWS Credentials and Enable Privilege Escalation
Recent research has uncovered critical security flaws in Amazon Elastic Kubernetes Service (EKS) that could expose sensitive AWS credentials and enable privilege escalation within cloud…
How CISOs can justify security investments in financial terms
In this Help Net Security interview, John Verry, Managing Director at CBIZ, discusses how insurers and financial risk professionals evaluate cybersecurity maturity through different lenses.…
CoinMarketCap Doodle Image Vulnerability Lets Attackers Run Malicious Code via API Call
CoinMarketCap, the globally recognized cryptocurrency data aggregator, experienced a significant security incident when a vulnerability in its homepage doodle image was exploited to inject malicious…
Quantum risk is already changing cybersecurity
A new report from the Cyber Threat Alliance warns that the era of quantum risk is already underway, and security teams need to stop treating…