Author: Cybernoz

Sophos Firewall Code Injection Flaw: Let Attackers Execute Code
13
Dec
2023

Sophos Firewall Code Injection Flaw: Let Attackers Execute Code

A critical security flaw has been discovered in the Sophos Firewall User Portal and Webadmin, allowing hackers to execute malicious…

13
Dec
2023

Drata unveils Third-Party Risk Management offering to help security teams identify risks

Drata announced its Third-Party Risk Management (TPRM) offering, empowering customers to identify, evaluate, and monitor third-party risks in one centralized…

How ransomware gangs use the tech media against their victims
13
Dec
2023

How ransomware gangs use the tech media against their victims

Cyber criminals traditionally and understandably shied away from publicity, but over the past few years, ransomware gangs have inverted this…

Hackers Abuse OAuth Applications to Automated Finacial Attacks
13
Dec
2023

Hackers Abuse OAuth Applications to Automated Finacial Attacks

OAuth (Open Authorization) is an industry-standard protocol that allows third-party applications to access a user’s data without exposing login credentials. …

cloudsecops
13
Dec
2023

34 Vulnerabilities & Critical 0-Day Fixed

Microsoft has released their patches for December 2023 as part of their Patch Tuesday. In this release, they have patched…

Analyze Malware Network Traffic
13
Dec
2023

How to Analyze Malware’s Network Traffic in A Sandbox

Malware analysis encompasses a broad range of activities, including examining the malware’s network traffic. To be effective at it, it’s…

Microsoft’s Christmas present for cyber teams: no zero-days
13
Dec
2023

Microsoft’s Christmas present for cyber teams: no zero-days

After a year that has seen no end of critical vulnerabilities in Microsoft products and services, Redmond has delivered an…

OAuth for Cryptocurrency Mining
13
Dec
2023

Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing

Dec 13, 2023NewsroomCryptocurrency / Threat Analysis Microsoft has warned that adversaries are using OAuth applications as an automation tool to…

Snatch Ransomware Group Claims The FDVA Cyber Attack
13
Dec
2023

UK Ministry Of Defence Fined For Afghan Evacuation Data Breach

The UK Ministry of Defence (MoD) is now grappling with a £350,000 (approximately $440,000) fine imposed by the Information Commissioner’s…

13
Dec
2023

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236)

Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls (CVE-2022-3236) that was being actively…

Cyber Attack
13
Dec
2023

Major Cyber Attack Paralyzes Kyivstar

Dec 13, 2023NewsroomCyber Attack / Geopolitics Ukraine’s biggest telecom operator Kyivstar has become the victim of a cyber attack, disrupting…

NCSC warns over ‘enduring’ LockBit threat
13
Dec
2023

Critical UK infrastructure a ‘hostage of fortune’ to ransomware

There is a high risk of a genuinely catastrophic ransomware attack occurring against a critical national infrastructure (CNI) target in…