OilRig Hackers Exploiting Microsoft Exchange Server To Steal Login Details
OilRig hackers (aka Earth Simnavaz, APT34, OilRig) is a cyber espionage group that was linked to “Iranian” interests. This APT group primarily targets energy, governmental,…
Author: Cybernoz
TrickMo Malware Attacking Android Devices To Steal Unlock Patterns And PINs
The recent discovery of the TrickMo Banking Trojan variant by Cleafy has prompted further investigation, where researchers have identified 40 variants, 16 droppers, and 22…
Transforming Security Testing With AI: Benefits and Challenges
Security testing plays a critical role in ensuring that applications are protected against vulnerabilities and attacks. In times when cyber attacks like data breaches and…
Supply Chain Attack Leveraging Entry Points in PyPI, npm, Ruby Gems & NuGet
A sophisticated supply chain attack has been identified, leveraging entry points in popular open-source package repositories, including PyPI (Python), npm (JavaScript), Ruby Gems, and NuGet…
CoreWarrior Malware Attacking Windows Machines With Self-replication Capabilities
Malware targeting Windows machines continues to be a significant threat. While these threats could be in various forms like viruses, worms, and ransomware. These malicious…
The War on Passwords Is One Step Closer to Being Over
The password-killing tech known as “passkeys” have proliferated over the last two years, developed by the tech industry association known as the FIDO Alliance as…
Zero-day Flaws Exposed EV Chargers to Shutdowns and Data Theft
NCC Group experts share details of how they exploited critical zero-day vulnerabilities in Phoenix Contact EV chargers (electric vehicles chargers) at 44con, demonstrating the cybersecurity…
Cyble Vulnerability Intelligence Reports New Cyberattacks
Cyble’s Vulnerability Intelligence unit has spotlighted a series of cyberattacks targeting critical vulnerabilities in various software systems, including the Ruby SAML library, D-Link NAS devices,…
Popular Java Framework pac4j Vulnerable To RCE Attacks
A critical security vulnerability has been identified in the popular Java security framework, pac4j, specifically affecting versions prior to 4.0. This vulnerability tracked as CVE-2023-25581,…
Researchers Win $70K for Reporting Zero-Day Flaws in EV Chargers
NCC Group experts share details of how they exploited critical zero-day vulnerabilities in Phoenix Contact EV chargers (electric vehicles chargers) at 44con, demonstrating the cybersecurity…
Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates…
A Hacker’s Journey Through Crime And Redemption
“I was born into an outlaw family,” said Eddie Miro, when he recently came on the Cybercrime Magazine Podcast and told us his deeply personal story.…