Internet Archive breached again through stolen access tokens
The Internet Archive was breached again, this time on their Zendesk email support platform after repeated warnings that threat actors stole exposed GitLab authentication tokens.…
Author: Cybernoz
Cyber Security News Letter(Weekly) – Data Breaches, Vulnerability & Other Stories
Welcome to this week’s Cybersecurity Newsletter, bringing you the latest updates and insights from the world of cybersecurity. Stay informed and protected with our top…
F5 fixed a high-severity elevation of privilege vulnerability in BIG-IP
F5 fixed a high-severity elevation of privilege vulnerability in BIG-IP Pierluigi Paganini October 20, 2024 Technology firm F5 patches a high-severity elevation of privilege vulnerability…
Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials
Oct 20, 2024Ravie LakshmananVulnerability / Email Security Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail…
Week in review: 87k+ Fortinet devices still open to attack, red teaming tool used for EDR evasion
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 87,000+ Fortinet devices still open to attack, are yours among…
Hackers Use Fake ESET Emails to Target Israeli Firms with Wiper Malware
Hackers impersonate ESET in phishing attacks targeting Israeli organizations. Malicious emails, claiming to be from ESET, deliver wiper malware. Security researcher Kevin Beaumont exposes the…
U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini October 19, 2024 U.S. Cybersecurity and Infrastructure Security Agency (CISA)…
Google Scholar has a ‘verified email’ for Sir Isaac Newton
It’s true: Google Scholar profile of the renowned former physicist and polymath, Sir Isaac Newton bears a “verified email” note. According to Google Scholar, Isaac Newton is a…
North Korea-linked APT37 exploited IE zero-day in a recent attack
North Korea-linked APT37 exploited IE zero-day in a recent attack Pierluigi Paganini October 19, 2024 North Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability…
Microsoft creates fake Azure tenants to pull phishers into honeypots
Microsoft is using deceptive tactics against phishing actors by spawning realistic-looking honeypot tenants with access to Azure and lure cybercriminals in to collect intelligence about them.…
The Unsolvable Problem: XZ and Modern Infrastructure
The ongoing prevalence (and rise) of software supply chain attacks is enough to keep any software developer or security analyst up at night. The recent…
Google Chrome’s uBlock Origin Purge Has Begun
And that’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read…