CISA confirms critical Cleo bug exploitation in ransomware attacks
CISA confirmed today that a critical security vulnerability in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks. This flaw…
Author: Cybernoz
German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox
German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox Pierluigi Paganini December 13, 2024 The German agency BSI has sinkholed a botnet…
How a Privilege Escalation Led to Unrestricted Admin Account Creation in Shopify
In a privilege escalation attack, an attacker gains elevated rights, permissions, or entitlements beyond the intended level associated with their identity, account, or device. Systems…
Citrix shares mitigations for ongoing Netscaler password spray attacks
Citrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. In March,…
The New Jersey Drone Mystery May Not Actually Be That Mysterious
Across New Jersey, reports of mysterious drone sightings have been rising for weeks, with people contacting authorities and posting on social media about aerial vehicles…
Canadian Eyecare Firm Care1 Exposes 2.2TB of Patient Records
SUMMARY Cybersecurity researcher Jeremiah Fowler discovered an unprotected Care1 database with over 4.8 million patient records. Exposed data included names, addresses, medical histories, and Personal…
390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits
Dec 13, 2024Ravie LakshmananCyber Attack / Malware A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system…
Decoding the end of the decade: What CISOs should watch out for
It’s that time of year where we, in the industry, attempt to be cyber soothsayers. A tall order – even more so when you’re trying…
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. According…
Serhiy Tokarev Explains Why Health Tech Startups Are Worth Investing In
Health Tech is booming, projected to grow from $312.92B in 2024 to $981.23B by 2032. Serhiy Tokarev highlights its social and business impact, with AI,…
Russia blocks Viber in latest attempt to censor communications
Russian telecommunications watchdog Roskomnadzor has blocked the Viber encrypted messaging app, used by hundreds of millions worldwide, for violating the country’s legislation. “Access to the…
Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection
Dec 13, 2024The Hacker NewsLinux / Vulnerability A security flaw has been disclosed in OpenWrt’s Attended Sysupgrade (ASU) feature that, if successfully exploited, could have…