New Malware With Stealthy Tactics
Cyble Research and Intelligence Labs (CRIL) has recently unearthed a sophisticated shellcode loader named Jellyfish Loader, marking a new development in cyber threat detection. This…
Author: Cybernoz
Microsoft finally fixes Outlook alerts bug caused by December updates
Microsoft has finally fixed a known Outlook issue, confirmed in February, which was triggering incorrect security alerts after installing the December security updates for Outlook…
BMW Hong Kong Faces Major Data Breach: 14,000 Customer Records Exposed
BMW Hong Kong has reportedly suffered a data breach affecting approximately 14,000 customers. The leak, which came to light on July 16, 2024, has exposed…
MirrorFace Attacking Organizations Exploiting Vulnerabilities
MirrorFace threat actors have been targeting media, political organizations, and academic institutions since 2022, shifting focus to manufacturers and research institutions in 2023. The attack…
ZDI Slams Microsoft for Not Crediting It in Last Week’s Patch Tuesday
Microsoft faces backlash from Zero Day Initiative (ZDI) and security researchers over lack of transparency in vulnerability disclosure especially during its last week’s Patch Tuesday.…
Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks
The Iranian nation-state actor known as MuddyWater has been observed using a never-before-seen backdoor as part of a recent attack campaign, shifting away from its…
Medius Appoints Fahmi Megdiche As CISO
Medius, a global leader in AP automation and spend management solutions, has announced the appointment of Fahmi Megdiche as its new Chief Information Security Officer…
Apache HugeGraph-Server RCE Vulnerability Under Active Attack
Attackers are actively exploiting a critical remote code execution (RCE) vulnerability in Apache HugeGraph-Server, which is tracked as CVE-2024-27348. The vulnerability affects versions 1.0.0 to…
HardBit Ransomware Using Passphrase Protection To Evade Detection
In 2022, HardBit Ransomware emerged as version 4.0. Unlike typical ransomware groups, this ransomware doesn’t use leak sites or double extortion. Their tactics include data…
Threat Prevention & Detection in SaaS Environments
Identity-based threats on SaaS applications are a growing concern among security professionals, although few have the capabilities to detect and respond to them. According to…
Massive hyperscaler GenAI spend raises questions on costs
The latest Gartner worldwide IT spending forecast shows that the analyst firm expects a 7.5% increase in spending compared to 2023. Total spending on IT…
Multiple Netgear Vulnerabilities Let Attackers Bypass Authentication
NETGEAR has released an update to the firmware to address a high-severity authentication bypass vulnerability that currently affects CAX30 models. The attacker exploiting this flaw…