IOCONTROL cyberweapon used to target infrastructure in the US and Isreael
IOCONTROL cyberweapon used to target infrastructure in the US and Isreael Pierluigi Paganini December 14, 2024 Iran-linked threat actors target IoT and OT/SCADA systems in…
Author: Cybernoz
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. According…
390,000 WordPress accounts stolen from hackers in supply chain attack
A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress…
U.S. CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 14, 2024 U.S. Cybersecurity and Infrastructure Security Agency…
A complete guide to finding advanced file upload vulnerabilities
File upload vulnerabilities are fun to find, they are impactful by nature and in some cases even result in remote code execution. Nowadays, most developers…
Benefits of Network Monitoring Systems
Maintaining a resilient, secure, and efficient network infrastructure is more important than ever. Network monitoring systems, which encompass both hardware and software tools, play a…
Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action
Dec 14, 2024Ravie LakshmananBotnet / Ad Fraud Germany’s Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX…
Password Era is Ending ” Microsoft to Delete 1 Billion Password to Replace “Passkey
In a significant turn towards a passwordless future, Microsoft has announced groundbreaking strides in adopting passkeys, a secure and user-friendly alternative to traditional passwords. With…
Microsoft’s AI Recall Tool Is Still Sucking Up Credit Card and Social Security Numbers
What a week! On Monday, police arrested 26-year-old Luigi Mangione and charged him in the murder of UnitedHealthcare CEO Brian Thompson. Mangione’s five-day run from…
CSC 2025 Predictions: From Surges in AI-Generated Malware to Machine Learning in SOCs
The threat landscape continues to evolve, and companies around the world face escalating risks heading into 2025. As AI enables more malware and phishing campaigns,…
Addressing the Disconnect in External Attack Surface Awareness
External vulnerability scans have become a staple in the cybersecurity toolkit of most organizations. Similar to a penetration test, external scans are designed to discover…
Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques
Dec 14, 2024Ravie LakshmananMalware / Cyber Threat Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL…