The Dumbest Thing in Security This Week: Russia Can’t Math
In a year marked by unprecedented disinformation and cyberattacks, at least we can all come together and laugh at Russia’s math skills. A Russian court…
Author: Cybernoz
Synology hurries out patches for zero-days exploited at Pwn2Own
Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week’s Pwn2Own hacking competition within days. Midnight Blue security researcher…
Email Phishing Playbook for Efficient Phishing Handling
Let’s not sugarcoat it: phishing is one of the most effective ways cybercriminals worm their way into your network. Why? Simple. As Stephanie Carruthers, a…
LottieFiles confirmed a supply chain attack on Lottie-Player
LottieFiles confirmed a supply chain attack on Lottie-Player Pierluigi Paganini November 01, 2024 LottieFiles confirmed a supply chain attack on Lottie-Player, and threat actors targeted…
LastPass warns of fake support centers trying to steal customer data
LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However,…
EMERALDWHALE Steals 15,000+ Cloud Credentials, Stores Data in S3 Bucket
Operation EMERALDWHALE compromises over 15,000 cloud credentials, exploiting exposed Git and Laravel files. Attackers use compromised S3 buckets for storage, increasing the risks of phishing…
Medusa Ransomware attack impacts 1.8 million patients
In what could potentially be the largest data breach in the history of pathology labs in the United States, the Medusa Ransomware group has reportedly…
1,000+ web shops infected by “Phish ‘n Ships” criminals who create fake product listings for in-demand products
Researchers at the Satori Threat Intelligence and Research team have published their findings about a group of cybercriminals that infect legitimate web shops to create…
CISA looks to global collaboration as fraught US election begins
The United States’ Cybersecurity and Infrastructure Security Agency (CISA) this week launched a two-year International Strategic Plan – its first ever – aligning with domestic…
1 Million Vulnerable Fortinet, SonicWall Devices Exposed
Nearly 1 million Fortinet and SonicWall devices with actively exploited vulnerabilities are exposed on the internet, according to Cyble’s weekly vulnerability report published today. The…
DDoS site Dstat.cc seized and two suspects arrested in Germany
The Dstat.cc DDoS review platform has been seized by law enforcement, and two suspects have been arrested after the service helped fuel distributed denial-of-service attacks for…
AI, Fake Hosting, and Psychological Warfare
U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French…