Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Released: MITRE ATT&CK v17.0, now with ESXi attack TTPsMITRE has…
Author: Cybernoz
A Comprehensive Review of BlackFog’s ADX Platform for Ransomware Defense
The evolving ransomware landscape and the growing threat of data exfiltration. Ransomware is more than just a cyberthreat—in recent years it has evolved into a…
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
Apr 27, 2025Ravie LakshmananKubernetes / Cloud Security Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud…
Enhancing Blue Team Defense: The Power of AI
AI is transforming cybersecurity on both sides of the battle. As threat actors use AI to enhance and amplify their attacks, the Blue Teams responsible…
Why Managed File Transfer (MFT) Is Essential for Autonomous IT Operations
Technology teams are under more pressure than ever to deliver measurable business success. In practice, this means supporting hybrid computing and fostering robust security controls…
African multinational telco giant MTN disclosed a data breach
African multinational telco giant MTN Group disclosed a data breach Pierluigi Paganini April 26, 2025 African multinational telecommunications company MTN Group disclosed a data breach…
Inception Jailbreak Attack Bypasses ChatGPT, DeepSeek, Gemini, Grok, & Copilot
A pair of newly discovered jailbreak techniques has exposed a systemic vulnerability in the safety guardrails of today’s most popular generative AI services, including OpenAI’s…
Threat Actors Registered 26k+ Domains Mimic Brands to Trick Users
In a significant escalation of digital deception tactics, threat actors have registered over 26,000 domains in March 2025 alone, designed to impersonate legitimate brands and…
How deepfake “doctors” peddle bogus cures on TikTok
Look out for AI-generated ‘TikDocs’ who exploit the public’s trust in the medical profession to drive sales of sketchy supplements 25 Apr 2025 • ,…
Critical ScreenConnect Vulnerability Let Attackers Inject Malicious Code
ConnectWise has released an urgent security patch for its ScreenConnect remote access software to address a serious vulnerability that could allow attackers to execute malicious…
New AI-Generated ‘TikDocs’ Exploits Trust in the Medical Profession to Drive Sales
AI-generated medical scams across TikTok and Instagram, where deepfake avatars pose as healthcare professionals to promote unverified supplements and treatments. These synthetic “doctors” exploit public…
Critical Craft CMS RCE 0-Day Vulnerability Exploited in Attacks to Steal Data
According to security researchers at CERT Orange Cyberdefense, a critical remote code execution (RCE) vulnerability in Craft CMS is actively being exploited to breach servers…