A landscape forever altered? The LockBit takedown one year on
Wednesday 19 February 2025 marked the first anniversary of Operation Cronos, a multinational cyber law enforcement action led by the UK’s National Crime Agency (NCA)…
Author: Cybernoz
CL0P Ransomware Launches Large-Scale Attacks on Telecom and Healthcare Sectors
The notorious CL0P ransomware group has intensified its operations in early 2025, targeting critical sectors such as telecommunications and healthcare. Known for its sophisticated tactics,…
AI-Powered Deception is a Menace to Our Societies
Wherever there’s been conflict in the world, propaganda has never been far away. Travel back in time to 515 BC and read the Behistun Inscription,…
Salt Typhoon Hackers Exploit Cisco vulnerability to Gain Device Access on US.Telecom Networks
A highly advanced threat actor, dubbed “Salt Typhoon,” has been implicated in a series of cyberattacks targeting major U.S. telecommunications networks, according to a report…
U.S. CISA adds Craft CMS and Palo Alto Networks PAN-OS flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Craft CMS and Palo Alto Networks PAN-OS flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 21, 2025 U.S. Cybersecurity and Infrastructure…
New Darcula 3.0 Tool Generates Phishing Kits to Mimic Global Brands
The cybercriminal group behind the notorious “darcula-suite” platform has unveiled its latest iteration, darcula 3.0, which introduces groundbreaking capabilities for creating phishing kits targeting any…
Adversary-in-the-Middle Hackers Exploit Vulnerabilities to Deploy Advanced Malware
Cybercriminals are increasingly leveraging sophisticated Adversary-in-the-Middle (AiTM) phishing techniques, enabled by the rise of Phishing-as-a-Service (PhaaS) ecosystems. These operations target financial institutions globally, bypassing multi-factor…
CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks
Feb 21, 2025Ravie LakshmananWeb Security / Vulnerability A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity…
Null-AMSI Bypasses Security For Remote Access
Cyble Research and Intelligence Labs (CRIL) has uncovered a stealthy campaign that uses malicious LNK files disguised as seemingly innocent wallpapers to deliver AsyncRAT—an infamous…
Atlassian fixed critical flaws in Confluence and Crowd
Atlassian fixed critical flaws in Confluence and Crowd Pierluigi Paganini February 21, 2025 Australian software firm Atlassian patched 12 critical and high-severity flaws in Bamboo,…
Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
Feb 21, 2025Ravie LakshmananNetwork Security / Vulnerability Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a…
Fujitsu’s £600m-plus prize with His Majesty’s ‘cash cow’ in 2025
Fujitsu could land over half a billion pounds in contracts from HMRC alone this year as the UK public sector continues to reward the supplier,…