Nigerian man sentenced to 26+ years in real estate phishing scams
Nigerian man Sentenced to 26+ years in real estate phishing scams Pierluigi Paganini November 04, 2024 Nigerian Kolade Ojelade gets 26 years in U.S. for…
Author: Cybernoz
Data of 500,000 stolen in July ransomware attack
The City of Columbus, Ohio, notified 500,000 individuals that a ransomware gang stole their personal and financial information in a July 2024 cyberattack. Ohio’s capital…
Hackers Using AV/EDR Tool “EDRSandBlast” To Bypass Endpoints
AV, anti-malware, and EDR are tools that are primarily used to detect and prevent cyber-attacks. While the AV/EDR bypass tools are designed to evade detection…
Sophisticated Phishing Attack Targeting Ukraine Military Sectors
The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215 against critical Ukrainian infrastructure, including government agencies, key industries, and military…
Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning
Nov 04, 2024Ravie LakshmananVulnerability / Cyber Threat Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited…
Critical QNAP Zero-day Flaw in QuRouter Patched, Update Now!
QNAP Systems, Inc., a leading provider of network-attached storage (NAS) and networking solutions, has released a critical security update for its QuRouter devices, addressing a…
Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files
Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in various sectors. The attacks involve sending signed RDP configuration files…
Scammers Use DocuSign API to Evade Spam Filters with Phishing Invoices
Scammers are exploiting DocuSign’s APIs to send realistic fake invoices, primarily targeting security software like Norton. This phishing technique bypasses traditional email spam filters by…
A Call For Cybersecurity Awareness Month All Year Round
On the last day of Cybersecurity Awareness Month (CAM), Oct. 31, Cybersecurity Ventures released “Hackerpocalypse: The Human Risk”, on its Cybercrime Magazine YouTube channel. “Apocalypse” has come…
Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)
Synology has released fixes for an unauthenticated “zero-click” remote code execution flaw (CVE-2024-10443, aka RISK:STATION) affecting its popular DiskStation and BeeStation network attached storage (NAS)…
TechUK calls for government support to help UK datacentre market reach growth potential
The datacentre sector could become one of the fastest-growing industries in the UK, but doing so will require greater collaboration between industry and decision-makers at…
MediaTek Smartphone Chipsets Vulnerabilities Let Attackers Escalate Privileges
Recent security bulletins have disclosed high-severity vulnerabilities in MediaTek smartphone chipsets, which could enable attackers to escalate privileges and gain unauthorized access to the affected…