CISA Kicks Off Cybersecurity Awareness Month With New Program
To celebrate the 20th Cybersecurity Awareness Month, CISA has launched a new program, meant to promote four critical actions that businesses and individuals can take…
Author: Cybernoz
OpenRefine’s Zip Slip Vulnerability Could Let Attackers Execute Malicious Code
Oct 02, 2023THNVulnerability / Cyber Attack A high-severity security flaw has been disclosed in the open-source OpenRefine data cleanup and transformation tool that could result…
Cybersecurity Solutions: Need Of The Hour
In today’s hyper-connected digital landscape, the phrase “better safe than sorry” couldn’t be more fitting. Cybersecurity isn’t just a buzzword; it’s an absolute necessity for…
Recently Patched TeamCity Vulnerability Exploited to Hack Servers
In-the-wild exploitation of a critical vulnerability in JetBrains’ TeamCity continuous integration and continuous deployment (CI/CD) server started just days after the availability of a patch…
Malicious npm & PyPi Packages Exfiltrate SSH Keys From Server
JavaScript and Python both have their own package repositories called npm (Node Package Manager) and PyPi (Python Package Index), respectively. They act as key centers…
Threat Hunting with MITRE ATT&CK
Cybercriminal tactics continue to grow in number and advance in ability; in response, many organisations have seen the need to reach a security posture where…
Lazarus impersonated Meta recruiter to breach Spanish aerospace firm
Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing…
Silverfort Open Sources Lateral Movement Detection Tool
Identity protection provider Silverfort has announced the open source release of a lateral movement detection tool. Called LATMA (Lateral Movement Analyzer), the tool was designed…
North Korean Lazarus targeted a Spanish aerospace company
North Korea-linked Lazarus targeted a Spanish aerospace company Pierluigi Paganini October 02, 2023 North Korea-linked APT group Lazarus impersonated Meta’s recruiters in an attack against…
Cisco Patches IOS software Zero-day Exploited in Attacks
Cisco has issued fixes to address a vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks.…
Cyber Attack on Louisiana Vehicle Owners data and Royal Family Website crash by Russia
Louisiana vehicle owners’ data was leaked in a massive cyber-attack A massive cyber-attack has exposed the personal data of Louisiana vehicle owners, marking what appears…
New Malware-as-a-Service Threat Emerges in the Cybercrime Underground
Oct 02, 2023THNCyber Threat / Malware Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that’s being advertised for sale on the cybercrime…