Mandrake Spyware Resurges With New Advanced Evasion
The Android spyware known as Mandrake has made a significant resurgence with a new variant. This Mandrake spyware has been discovered hidden in five seemingly…
Author: Cybernoz
Coding practices: The role of secure programming languages
Safety and quality are not features that can be added through testing — they must be integral to the design. Opting for a safer or…
Review: Action1 – Simple and powerful patch management
Although endpoint anti-malware and other security controls are now standard at the operating system level, keeping all endpoint software up-to-date and secure remains an open…
Securing remote access to mission-critical OT assets
In this Help Net Security interview, Grant Geyer, Chief Strategy Officer at Claroty, discusses the prevalent vulnerabilities in Windows-based engineering workstations (EWS) and human-machine interfaces…
Insecure file-sharing practices in healthcare put patient privacy at risk
Healthcare organizations continue to put their business and patients at risk of exposing their most sensitive data, according to Metomic. 25% of publicly shared files…
Proofpoint’s Email Protection Service Exploited to Send Millions of Phishing Emails
A massive phishing campaign dubbed “EchoSpoofing” has exploited a critical vulnerability in Proofpoint’s email protection service, allowing cybercriminals to send millions of perfectly spoofed phishing…
Ransomware Gangs Exploiting VMware ESXi Authentication Bypass Flaw
Microsoft researchers have found a critical vulnerability in VMware’s ESXi hypervisors. Ransomware operators are using this problem to attack systems. This vulnerability, CVE-2024-37085, allows threat…
Hacker Scrapes and Publishes 100,000-Line CrowdStrike IoC List
USDoD hacker scrapes and leaks a 100,000-line Indicator of Compromise (IoC) list from CrowdStrike, revealing detailed threat intelligence data. The leak, posted on Breach Forums,…
U.S. Department Of Justice Urges Court To Reject TikTok Appeal
The U.S. Department of Justice has asked an appeals court to reject legal challenges to a law requiring ByteDance, TikTok’s Chinese parent company, to divest…
ACCC shifts support for broadband tax on 4G and 5G fixed wireless – Telco/ISP
The ACCC has made a case for the ‘broadband tax’ on NBN-equivalent services to be expanded to 4G and 5G fixed wireless, after years of…
UNC4393 Adapts Techniques After QAKBOT Takedown
The threat actor group UNC4393, known for deploying BASTA ransomware, has undergone continuous changes in its tactics since mid-2022. Researchers have tracked over 40 UNC4393…
Ransomware Actors Exploit VMware ESXi Bug: Microsoft
Microsoft researchers have observed multiple ransomware operators exploiting a recently patched vulnerability in ESXi hypervisors to gain full administrative control over domain-joined ESXi servers. This…