New Go-based Backdoor GoGra Targets South Asian Media Organization
Aug 07, 2024Ravie LakshmananCloud Security / Cyber Espionage An unnamed media organization in South Asia was targeted in November 20233 using a previously undocumented Go-based…
Author: Cybernoz
Securing data in GCP: A Computer Weekly Downtime Upload podcast
Listen to this podcast We speak to Google’s director of product management for confidential computing about ensuring the protection of data in use How do…
Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)
Two cross-site scripting vulnerabilities (CVE-2024-42009, CVE-2024-42008) affecting Roundcube could be exploited by attackers to steal users’ emails and contacts, email password, and send emails from…
National Public Data Faces Lawsuit, 3Bn People Likely Exposed
A lawsuit has been filed against National Public Data, a background check service owned by Jerico Pictures Inc, for an alleged data breach that could…
New Android spyware LianSpy relies on Yandex Cloud to avoid detection
New Android spyware LianSpy relies on Yandex Cloud to avoid detection Pierluigi Paganini August 07, 2024 A previously unknown Android Spyware, dubbed LianSpy, has been…
Firefox Patches Multiple High Severity Vulnerabilities
Mozilla has released Firefox 129, addressing multiple high-severity vulnerabilities. These patches are critical for enhancing the browser’s security and protecting users from potential exploits. Detailed…
New Zola Ransomware Using Multiple Tools to Disable Windows Defender
Seemingly new ransomware, Zola, is the newest version of the Proton family that appeared in March 2023. This rebranding highlights the unbroken trend of ransomware’s…
Veza introduces Access AI to streamline risk management and access control
Veza has released Access AI, a generative AI-powered solution to maintain the principle of least privilege at enterprise scale. With Access AI, security and identity…
UK’s Data Regulator Proposed £6M Fine To Advanced Software Over 2022 NHS Ransomware Incident
The British data and privacy watchdog plans to fine Advance Software in millions over the 2022 ransomware incident that crippled healthcare services across the country.…
Microsoft 365 Anti-phishing Feature Bypassed Using CSS Style Tags
Phishing is the most effective method for an attacker to infiltrate an organization. Several attack methods and techniques are available for an attacker to send…
Cequence Unified API Protection defends against attacks targeting AI applications
Cequence introduced advancements to its Unified API Protection (UAP) platform, specifically tailored to support the secure use of AI applications like Generative AI and Large…
A complete guide to exploiting advanced SSRF vulnerabilities
SSRF—short for Server-Side Request Forgery—vulnerabilities are amongst one of the most impactful web security vulnerabilities. Even though they are less commonly found on targets they…