Site catering to online criminals has been seized by the FBI
RAMP—the predominantly Russian-language online bazaar that billed itself as the “only place ransomware allowed”—had its dark web and clear web sites seized by the FBI…
Author: Cybernoz
New threat actor, UAT-9921, leverages VoidLink framework in campaigns
Cisco Talos recently discovered a new threat actor, UAT-9921, leveraging VoidLink in campaigns. Their activities may go as far back as 2019, even without VoidLink.…
February 2026 Microsoft Patch Tuesday
2Critical 51Important 1Moderate 0Low Microsoft addresses 54 CVEs in the February 2026 Patch Tuesday released, including six zero-day vulnerabilities that were exploited in the wild…
Top 10 web hacking techniques of 2024
Welcome to the Top 10 Web Hacking Techniques of 2024, the 18th edition of our annual community-powered effort to identify the most innovative must-read web…
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
Ravie LakshmananMar 03, 2026Vulnerability / Artificial Intelligence The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source,…
Critical Nginx UI flaw CVE-2026-27944 exposes server backups
Critical Nginx UI flaw CVE-2026-27944 exposes server backups Pierluigi Paganini March 08, 2026 Nginx UI flaw CVE-2026-27944 lets attackers download and decrypt server backups without…
Path masquerading: Hide in plain sight
I. INTRODUCTION With low privileges as a normal user, how will you fly under the radar of Endpoint Detection and Response (EDR)? EDR evasion techniques…
Cisco issues emergency patches for critical firewall vulnerabilities
Other vulnerabilities Of the remaining flaws, a further six are rated ‘high’, with CVSS scores of between 7.2 and 8.6. These include the Firewall Management…
County pays $600,000 to pentesters it arrested for assessing courthouse security
Two security professionals who were arrested in 2019 after performing an authorized security assessment of a county courthouse in Iowa will receive $600,000 to settle…
Fall 2025 SOC 1, 2, and 3 reports are now available with 185 services in scope
Amazon Web Services (AWS) is pleased to announce that the Fall 2025 System and Organization Controls (SOC) 1, 2, and 3 reports are now available. The…
Fuzzing a single thread to uncover vulnerabilities
A Cisco Talos researcher worked around the limitations of hardware-level Code Read-out Protection (RDP) on the Socomec DIRIS M-70 gateway by pivoting from physical debugging to a…
2026 Cloud security and AI security risk report
AI adoption is outpacing traditional cyber governance. The “Tenable Cloud and AI Security Risk Report 2026” reveals how overprivileged identities and unmonitored supply chain dependencies…