Sophos Firewall Code Injection Flaw: Let Attackers Execute Code
A critical security flaw has been discovered in the Sophos Firewall User Portal and Webadmin, allowing hackers to execute malicious code remotely. The vulnerability enables…
Author: Cybernoz
Drata unveils Third-Party Risk Management offering to help security teams identify risks
Drata announced its Third-Party Risk Management (TPRM) offering, empowering customers to identify, evaluate, and monitor third-party risks in one centralized and integrated platform. Third-party risk…
How ransomware gangs use the tech media against their victims
Cyber criminals traditionally and understandably shied away from publicity, but over the past few years, ransomware gangs have inverted this longstanding trope and are now…
Hackers Abuse OAuth Applications to Automated Finacial Attacks
OAuth (Open Authorization) is an industry-standard protocol that allows third-party applications to access a user’s data without exposing login credentials. This standard protocol facilitates secure…
34 Vulnerabilities & Critical 0-Day Fixed
Microsoft has released their patches for December 2023 as part of their Patch Tuesday. In this release, they have patched more than 34 vulnerabilities and…
How to Analyze Malware’s Network Traffic in A Sandbox
Malware analysis encompasses a broad range of activities, including examining the malware’s network traffic. To be effective at it, it’s crucial to understand the common…
Microsoft’s Christmas present for cyber teams: no zero-days
After a year that has seen no end of critical vulnerabilities in Microsoft products and services, Redmond has delivered an early Christmas bonus to cyber…
Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing
Dec 13, 2023NewsroomCryptocurrency / Threat Analysis Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for…
UK Ministry Of Defence Fined For Afghan Evacuation Data Breach
The UK Ministry of Defence (MoD) is now grappling with a £350,000 (approximately $440,000) fine imposed by the Information Commissioner’s Office (ICO) due to the…
Major Cyber Attack Paralyzes Kyivstar
Dec 13, 2023NewsroomCyber Attack / Geopolitics Ukraine’s biggest telecom operator Kyivstar has become the victim of a cyber attack, disrupting customer access to mobile and…
Critical UK infrastructure a ‘hostage of fortune’ to ransomware
There is a high risk of a genuinely catastrophic ransomware attack occurring against a critical national infrastructure (CNI) target in the UK at any moment,…
German Energy Agency Targeted By LockBit
The reputed German Energy Agency, Dena, has allegedly fallen prey to the notorious LockBit ransomware group. The Dena cyberattack came to light via a post…