Misconfigured Selenium Grid servers abused for Monero mining
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Monero cryptocurrency. Selenium…
Author: Cybernoz
RADIUS Protocol Vulnerability Impacted Multiple Cisco Products
A critical vulnerability in the Remote Authentication Dial-In User Service (RADIUS) protocol has been disclosed, affecting multiple Cisco products. The vulnerability, CVE-2024-3596, allows an on-path…
Microsoft CrowdStrike Software Update leading to Phishing Attacks
A couple weeks ago, an IT outage hit Microsoft Windows 10 and 11 servers shortly after CrowdStrike released a Falcon Sensors software update. Rather than…
The cost of cybersecurity burnout: Impact on performance and well-being
This article includes excerpts from recent reports we covered, providing statistics and insights into the levels of stress and burnout experienced by cybersecurity professionals. Most…
Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site
Jul 29, 2024NewsroomCybersecurity / Cyber Espionage The remote access trojan known as Gh0st RAT has been observed being delivered by an “evasive dropper” called Gh0stGambit…
Fake Falcon crash reporter installer used to target German Crowdstrike users
Fake Falcon crash reporter installer used to target German Crowdstrike users Pierluigi Paganini July 29, 2024 CrowdStrike warns about a new threat actor targeting German…
How Software Updates Can Lead to Cyber Attacks
In the world of cybersecurity, software updates are a double-edged sword. On one hand, they are crucial for patching vulnerabilities, enhancing features, and improving overall…
Enhancing threat detection for GenAI workloads with cloud attack emulation
Cloud GenAI workloads inherit pre-existing cloud security challenges, and security teams must proactively evolve innovative security countermeasures, including threat detection mechanisms. Traditional cloud threat detection…
Cirrus: Open-source Google Cloud forensic collection
Cirrus is an open-source Python-based tool designed to streamline Google Cloud forensic evidence collection. It can streamline environment access and evidence collection in investigations involving…
Why a strong patch management strategy is essential for reducing business risk
In this Help Net Security interview, Eran Livne, Senior Director of Product Management, Endpoint Remediation at Qualys and Thomas Scheffler, Security Operations Manager of Cintas…
CrowdStrike Outage Leads to Estimated Financial Loss of $5.4 Billion
A recent global IT outage linked to CrowdStrike, a leading cybersecurity company, has resulted in an estimated $5.4 billion in direct financial losses for Fortune…
Whitepaper: DevSecOps Blueprint – Help Net Security
In the DevSecOps Blueprint whitepaper, GitGuardian outlines a robust foundation for building an automated and technology-driven DevSecOps Program that addresses every aspect of the SDLC.…