SonicWall SSLVPN access control flaw is now exploited in attacks
SonicWall is warning that a recently fixed access control flaw tracked as CVE-2024-40766 in SonicOS is now “potentially” exploited in attacks, urging admins to apply patches…
Author: Cybernoz
What is ACK Piggybacking?-Definition, Attack Types & Prevention
Piggybacking is a term relevant to computer networking and cybersecurity. It describes techniques that aim to optimize data transmission and, conversely, unauthorized access to networks.…
The NSA Has a Podcast—Here’s How to Decode It
The spy agency that dared not speak its name is now the Joe Rogan of the SIGINT set. And the pod’s actually worth a listen.…
Unfilled Cybersecurity Jobs Can Lead To Utter Chaos
06 Sep Unfilled Cybersecurity Jobs Can Lead To Utter Chaos Posted at 09:03h in Blogs by Di Freeze This week in cybersecurity from the editors…
$27M Stolen, $1.2B Crypto Thefts In 2024
The decentralized finance (DeFi) ecosystem has been rocked by another major security breach. Penpie, a protocol built on the Pendle platform, suffered a hack on…
Gamaredon Campaign Targets Ukrainian Military Personnel
A sophisticated spear-phishing campaign orchestrated by the Gamaredon APT group has emerged as a threat to Ukrainian military personnel. Cyble Research and Intelligence Labs (CRIL)…
Therapy Sessions Exposed by Mental Health Care Firm’s Unsecured Database
Thousands of people’s highly sensitive health details, including audio and video of therapy sessions, were openly accessible on the internet, new research has revealed. The…
PoC Exploit Released for Linux Kernel Vulnerability that Allows Root Access
Google Released a Proof-of-Concept (PoC) for a critical security vulnerability, identified as CVE-2024-26581, which has been discovered in the Linux kernel and poses significant risks…
Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195)…
MSP/MSSP Security Strategies for 2025
The 2024 State of the vCISO Report continues Cynomi’s tradition of examining the growing popularity of virtual Chief Information Security Officer (vCISO) services. According to…
Critical Apache OFBiz RCE Vulnerability Patched CVE-2024-45195
Popular open-source enterprise Resource Planning (ERP) system, Apache OFBiz, recently discovered harboring a critical Remote Code Execution (RCE) vulnerability. Tracked as CVE-2024-45195, the Apache OFBiz…
Linux Pluggable Authentication Modules Abused to Create Backdoors
The Group-IB Digital Forensics and Incident Response (DFIR) team has uncovered a novel technique that exploits Linux’s Pluggable Authentication Modules (PAM) to create persistent backdoors…