Chinese cyberspies use new SSH backdoor in network device hacks
A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. The…
Author: Cybernoz
3 SOC Challenges Solved by Threat Intelligence
An organization’s cyber security operation center (SOC) is a unit in charge of cyber threat prevention and mitigation. Within this framework, several critical tasks imply…
Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’? – Krebs on Security
The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled, English-language cybercrime forums with millions of users that trafficked…
Cybercriminals Exploiting HTTP Client Tools to Hijack Microsoft 365 Accounts
A recent report by Proofpoint has revealed an alarming trend of cybercriminals exploiting HTTP client tools to target Microsoft 365 accounts. These tools, originally designed…
Insider Threat Program Modernization: Trends, Technologies, and Whole-Person Risk Assessment
Insider threat management remains a top priority for organizations as insider incidents rise. Insider threats encompass a broad spectrum of malicious activities, from data theft…
Quantum datacentre deployments: How they are supporting evolving compute projects
Put lots of qubits together and you have quantum computing, requiring datacentres that can support it. A quantum datacentre though is not just about having…
7-Zip MotW bypass exploited in zero-day attacks against Ukraine
A 7-Zip vulnerability allowing attackers to bypass the Mark of the Web (MotW) Windows security feature was exploited by Russian hackers as a zero-day since…
New Tiny FUD Attacking macOS Users Bypassing Antivirus and Security Tools
A new, highly sophisticated malware known as Tiny FUD has been identified, targeting macOS users with advanced evasion techniques that allow it to bypass traditional…
Android Security Update Fixes Linux Kernel RCE Flaw Allow Read/Write Access
On February 3, 2025, Google published its February Android Security Bulletin, which addresses a total of 47 vulnerabilities affecting Android devices. Among these, a critical…
New ValleyRAT Malware Variant Spreading via Fake Chrome Downloads
Morphisec uncovers a new ValleyRAT malware variant with advanced evasion tactics, multi-stage infection chains, and novel delivery methods targeting systems. Cybersecurity researchers at Morphisec Threat…
New AI “agents” could hold people for ransom in 2025
A paradigm shift in technology is hurtling towards us, and it could change everything we know about cybersecurity. Uhh, again, that is. When ChatGPT was…
All change: Weighing up the options for enterprises as open source licences evolve
Potentially heralding a fundamental shift in definitions of open source, HashiCorp moved to more restrictive licensing for infrastructure-as-code (IaaS) tool Terraform in 2023. The Cloud…