30,000 Devices in Germany Discovered with Pre-installed Malware “Badbox”
The Federal Office for Information Security (BSI) in Germany has taken decisive action against a wave of malware-infected digital picture frames and media players connected…
Author: Cybernoz
CISA Warns of Cleo 0-Day Vulnerability Exploited by Ransomware Gangs
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical vulnerability in Cleo’s file transfer software being actively exploited by…
New HeartCrypt Packer-as-a-Service (PaaS) Protecting Malware From Antivirus
A new packer-as-a-service (PaaS) called HeartCrypt has emerged as a powerful tool for malware operators to evade antivirus detection. Developed in July 2023 and launched…
Yahoo Terminates Their Entire Red Team From The “Team Paranoids”
Yahoo has laid off around 25% of its cybersecurity team, known as “The Paranoids,” over the past year, according to information obtained by Cyber Security News.…
Hackers Scanning RDP Services Especially Port 1098 For Exploitation
There is a significant surge in scanning activities targeting Remote Desktop Protocol (RDP) services, with a particular focus on port 1098/TCP. Over the past two…
CISA warns water facilities to secure HMI systems exposed online
CISA and the Environmental Protection Agency (EPA) warned water facilities today to secure Internet-exposed Human Machine Interfaces (HMIs) from cyberattacks. HMIs are dashboards or user…
FTC warns of online task job scams hooking victims like gambling
The Federal Trade Commission (FTC) warns about a significant rise in gambling-like online job scams, known as “task scams,” that draw people into earning cash…
How Crypto and Blockchain Organizations Manage Complex Attack Surfaces With Competitive Security Testing Programs
There are three factors that differentiate crypto and blockchain organizations from other industries; their attack surfaces, their most common vulnerabilities, and the amount they spend…
Auto parts giant LKQ says cyberattack disrupted Canadian business unit
Automobile parts giant LKQ Corporation disclosed that one of its business units in Canada was hacked, allowing threat actors to steal data from the company.…
CISA confirms critical Cleo bug exploitation in ransomware attacks
CISA confirmed today that a critical security vulnerability in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks. This flaw…
German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox
German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox Pierluigi Paganini December 13, 2024 The German agency BSI has sinkholed a botnet…
How a Privilege Escalation Led to Unrestricted Admin Account Creation in Shopify
In a privilege escalation attack, an attacker gains elevated rights, permissions, or entitlements beyond the intended level associated with their identity, account, or device. Systems…