2024 CVE Review – “Critical, High, Medium” Position Shifting in Cybersecurity
As the calendar turns to 2025, cybersecurity professionals are taking stock of key trends in Common Vulnerabilities and Exposures (CVEs) from the previous year, revealing…
Author: Cybernoz
W3 Total Cache Plugin Vulnerability Let Attackers Gain Unauthorized Access to Sensitive Data
A significant security vulnerability has been identified in the W3 Total Cache plugin for WordPress, affecting all versions up to and including 2.8.1. This critical…
Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws
Jan 16, 2025Ravie LakshmananEndpoint Security / Ransomware Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent…
0-Click RCE Vulnerability in Samsung Smartphones Let Attackers Trigger OOB Write – Technical Analysis
Google Security researchers have disclosed a critical vulnerability, tagged as CVE-2024-49415, affecting Samsung smartphones last year and reported to Samsung with a 90-day deadline to…
New CISA-Microsoft Playbook Enhances Cyber Threat Detection
The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Office of Management and Budget (OMB), the Office of the National Cyber Director (ONCD),…
Microsoft Patches Outlook Zero-Click RCE Exploited Via Email
Microsoft issued a critical security patch addressing a newly discovered vulnerability in Outlook, designated as CVE-2025-21298. This flaw, characterized as a zero-click remote code execution…
CISA Released Guide to Microsoft Expanded Cloud Playbook
The Cybersecurity and Infrastructure Security Agency (CISA) has released the “Microsoft Expanded Cloud Logs Implementation Playbook.” This guide is geared towards enabling organizations to effectively…
North Korea targeting software developers with Malware
Lazarus Group, a notorious hacking collective believed to be funded by North Korea’s government, is now shifting its focus to target software developers and freelancers…
US blacklists Chinese companies over TSMC chips in Huawei processor – Hardware – Networking
The Biden administration added more than two dozen Chinese entities to a US-restricted trade list, including Zhipu AI, a developer of large language models, and…
How CISOs can elevate cybersecurity in boardroom discussions
Ross Young is the CISO in residence at Team8 and the creator of the OWASP Threat and Safeguard Matrix (TaSM). In this interview, he shares…
Apple Opens Applications for Information Security Internship
If you’re a tech-savvy student eager to start career in cyber security, Apple has just announced an exciting opportunity for students passionate about Information Security.…
Hackers Released 15,000+ Unique Fortigate Firewall Configs
A hacking collective known as the “Belsen Group” has released over 15,000 unique FortiGate firewall configurations online. The data dump, reportedly obtained by exploiting a…