Cybernoz - Cybernoz

Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files

Jul 25, 2025Ravie LakshmananMalware / Threat Intelligence The threat actor known as Patchwork has been attributed to a new spear-phishing campaign targeting Turkish defense contractors…

July 25, 2025 Cybernoz 3 min read

CyberSecurityDive

Treasury sanctions North Koreans involved in IT-worker schemes

Listen to the article 2 min This audio is auto-generated. Please let us know if you have feedback. The U.S. Department of the Treasury on…

July 25, 2025 Cybernoz 2 min read

CyberSecurityNews

How AI Is Redefining Threat Detection In The Cloud Era

Every second, AWS processes 1.2 billion API calls. Each one triggers a security check. That’s not just impressive it’s the backbone of what might be…

July 25, 2025 Cybernoz 4 min read

GBHackers

Beware of Fake Error Pages Deploying Platform-Specific Malware on Linux and Windows Systems

Wiz Research has uncovered an active cryptomining campaign, dubbed Soco404, that exploits misconfigurations in PostgreSQL databases and other cloud services to deploy platform-specific malware on…

July 25, 2025 Cybernoz 3 min read

TheHackerNews

U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm

Jul 25, 2025Ravie LakshmananCybercrime / Insider Threat The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned a North Korean front company…

July 25, 2025 Cybernoz 3 min read

Cyberscoop

US offers $15 million reward for info on North Korean nationals involved in global criminal network

The State Department announced Thursday it will pay up to $15 million for information leading to the arrest of seven North Korean nationals accused of…

July 25, 2025 Cybernoz 2 min read

CyberSecurityNews

Critical VMware Tools VGAuth Vulnerabilities Enable Full System Access for Attackers

Two critical vulnerabilities in the VMware Guest Authentication Service (VGAuth) component of VMware Tools allow local attackers to escalate privileges from any user account to…

July 25, 2025 Cybernoz 2 min read

GBHackers

Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware

CloudSEK’s TRIAD team uncovered an active development site deploying Clickfix-themed malware linked to the Epsilon Red ransomware. This variant deviates from traditional clipboard-based command injection…

July 25, 2025 Cybernoz 3 min read

Mix

Remote Code Execution in Microsoft SharePoint (CVE-2025-53770) — API Security

On July 19, 2025, a critical remote code execution (RCE) vulnerability (CVE-2025-53770, also referred to as ToolShell) was publicly disclosed, impacting on-premises Microsoft SharePoint Server…

July 25, 2025 Cybernoz 3 min read

CyberSecurityNews

Microsoft Copilot Rooted to Gain Unauthorized Root Access to its Backend System

A critical security vulnerability has been discovered in Microsoft Copilot Enterprise, allowing unauthorized users to gain root access to its backend container. This vulnerability poses…

July 25, 2025 Cybernoz 3 min read

GBHackers

Fake Indian Banking Apps on Android Steal Login Credentials from Users

A malicious Android application has been uncovered, impersonating legitimate Indian banking apps to orchestrate credential theft, surveillance, and unauthorized financial transactions. This malware employs a…

July 25, 2025 Cybernoz 3 min read

TheHackerNews

Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor

Jul 25, 2025Ravie LakshmananCyber Espionage / Malware Russian aerospace and defense industries have become the target of a cyber espionage campaign that delivers a backdoor…

July 25, 2025 Cybernoz 2 min read