Hackers Weaponizing MinIO Storage System Flaws
Recent reports indicate two vulnerabilities relating to information disclosure and remote code execution in MinIO, and their proof of concept was publicly disclosed. Threat actors…
Category: CyberSecurityNews
Holiday Season Cyber Alert: Reflectiz Declares War on Magecart
Reflectiz, a cybersecurity company specializing in continuous web threat management, offers an exclusive, fully remote solution to battle Magecart web-skimming attacks, a popular cyberattack involving…
Common Tactics Used by Threat Actors to Weaponize PDFs
In the vast and complex world of cybersecurity, danger often hides in the most unsuspecting corners, stalking stealthily where our guard is least prepared. While…
Payload Encrypter that Hide Malware Binaries
AttackCrypt, an open-source “crypter,” was recently used by cybercriminals to hide malware binaries and avoid antivirus detection. A crypter is a kind of software that can encrypt,…
What is Zero Trust Data Access? Comprehensive Guide
Zero Trust Data Access (ZTDA) constitutes a fundamental aspect of the wider Zero Trust security framework, which entails limiting data access. The Zero Trust security…
AI-Based Honeypot to Engage Attackers as Real System
A honeypot is a trap on a network that lures and studies cyber-attack techniques of threat actors, alerting defenders to unauthorized access attempts. Though Honeypots…
Freecycle Urges Users to Change Passwords Following Data Breach
Freecycle, a popular online platform for giving away and receiving free items, reported a significant data breach. The Freecycle Network (TFN) is a nonprofit organization…
Hackers Exploit Pre-Authentication RCE Flaws in Adobe ColdFusion
Adobe ColdFusion is a Java-based, commercial web app development platform using CFML for server-side programming. ColdFusion is primarily known for its tag-based approach, which is…
Vulnerability in IBM Security Verify Let Attacker Extract Sensitive Information
Multiple Information Disclosure vulnerabilities were discovered in the IBM Security Verify Information Queue, which can reveal several internal product details. This information can then be…
Apple Opens Application for Security Research Device Program
Apple launched the Security Research Device (SRD) program, enabling security researchers to examine the security features of a specially-built hardware variant of the iPhone 14…
Earth Estries Group Hack Govt Agencies & Tech Companies
A new sophisticated cyber espionage group named Earth Estries, which overlaps notorious threat group FamousSparrow, was unveiled. The group has been active since 2020 and…
Hackers Attacking MSSQL Servers To Deploy Ransomware
Recently, threat actors have been utilizing brute force attacks to compromise exposed MSSQL databases to distribute the FreeWorld ransomware. This attack campaign, dubbed DB#JAMMER, is notable,…