Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections
Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the…
Author: Cybernoz
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. KerioControl…
Medical billing firm Medusind discloses breach affecting 360,000 people
Medusind, a leading billing provider for healthcare organizations, is notifying hundreds of thousands of individuals of a data breach that exposed their personal and health…
US Cyber Trust Mark logo for smart devices is coming
The White House announced the launch of the US Cyber Trust Mark which aims to help buyers make an informed choice about the purchase of…
Over 4,000 backdoors hijacked by registering expired domains
Over 4,000 abandoned but still active web backdoors were hijacked and their communication infrastructure sinkholed after researchers registered expired domains used for commanding them. Some of…
German court finds hacked EncroChat phone evidence inadmissible
A Berlin court has raised questions over whether data from 120 million messages obtained by police hacking an encrypted phone service can continue to be…
U.S. CISA adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini January 08, 2025 U.S. Cybersecurity and Infrastructure Security…
Meta replaces fact-checking with community notes post ‘Cultural Tipping Point’
Meta replaces fact-checking with community notes post ‘Cultural Tipping Point’ Pierluigi Paganini January 08, 2025 Meta is replacing its fact-checking program with a “community notes”…
Dell Update Package Framework Vulnerability Let Attackers Escalate Privileges
A critical security vulnerability has been identified in Dell’s Update Package (DUP) Framework, potentially exposing systems to privilege escalation and denial-of-service attacks. The vulnerability tracked…
Custom software and silicon set to define next-gen chips
Confidence in the semiconductor industry’s ability to meet demand is being hindered by geopolitical tensions, international trade restrictions and the push for sovereignty, according to…
How initial access brokers (IABs) sell your users’ credentials
Even if you haven’t looked into the methods of initial access brokers (IABs), you’ve almost certainly read about their handiwork in recent cyber-attacks. These specialized…
CISA Warns of Three Vulnerabilities Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding three critical vulnerabilities that are currently being exploited in the wild. These…