AI Ransomware Threat to increase in two years says UK GCHQ
The UK’s GCHQ cyber arm, the National Cyber Security Centre (NCSC), is warning of an imminent surge in AI-based ransomware threats over the next two…
Author: Cybernoz
Stack Identity expands its plaform with ITDR to tackle shadow access and shadow identities
Stack Identity has unveiled the expansion of the Identity Access Risk Management Platform with identity threat detection and response (ITDR) to tackle shadow access and…
How to lock out your ex-partner from your smart home
Stalkers can use all kinds of apps, gadgets, devices, and phones to spy on their targets, which are often their ex-partners. Unfortunately, while they no…
Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters
Jan 24, 2024NewsroomCloud Security / Kubernetes Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors…
IR35: Contractors call for off-payroll rules to be scrapped in Spring Budget 2024
IT contractors are among the freelance workers calling on the government to consider scrapping the controversial IR35 off-payroll working rules in the March 2024 Spring…
Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024
Security researchers hacked a Tesla Modem and collected awards of $722,500 on the first day of Pwn2Own Automotive 2024 for three bug collisions and 24…
Python based WIREFIRE web shell Attacking Ivanti VPN
Recently, QuoIntelligence’s research team unearthed a previously undetected variant of the notorious WIREFIRE web shell, a Python-based implant targeting compromised Ivanti Connect Secure (ICS) VPN…
When the Enemy Is DDoS, Holistic Protection Is a Must
An infinite variety of attack methods require customizable solutions. By Sean Newman, VP/Product Management, Corero Sun Tzu was an exceptional general, strategist, and philosopher, and…
Hackers Deploy Malicious npm Packages to Steal SSH Key
Two malicious npm packages were discovered on the npm open source package manager, which leverages GitHub to store stolen Base64-encrypted SSH keys obtained from developer…
Keeping SaaS Data Under Wraps
A case study on how a $10B global media firm significantly improved SaaS security posture Media firms in the business of image and reputation don’t…
Artificial Intelligence Heightens Ransomware Threat, UK Cyber Security Center Warns
The report outlines that Artificial Intelligence (AI), currently utilized by cybercriminals, is lowering entry barriers for less experienced threat actors, including hackers-for-hire and hacktivists. In…
PoC exploit for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204)
Proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-0204) in Fortra’s GoAnywhere MFT solution has been made public, sparking fears that attackers may soon take…