On April 16, 2025, millions of users worldwide found themselves unable to access Zoom, the widely used video conferencing platform, due to a critical outage that lasted nearly two hours. The disruption, which began at 11:25 AM PDT and was…
Category: EN
Linux Kernel Vulnerability Let Attackers Escalate Privilege – PoC Released
A newly discovered vulnerability, CVE-2024-53141, in the Linux kernel’s IP sets framework has exposed a critical security flaw that allows local attackers to escalate privileges and potentially gain root access. The vulnerability, assigned a CVSS score of 7.8, uncovered by…
Why Your Castle Isn’t Enough: Security Must Look Beyond the Perimeter
The traditional “castle-and-moat” model of cybersecurity is outdated. Firewalls, endpoint protection and segmentation are all still important. But if you think they’re enough to stop today’s threats, think again. From where I sit, the biggest risks aren’t storming the gates.…
Gain Legends International Suffers Security Breach – Customers Data Stolen
Gain Legends International, a prominent name in sports, entertainment, and venue management, has confirmed a significant cybersecurity breach that has compromised the personal information of an undisclosed number of customers and associates. The incident was first identified on November 9,…
Unlock the Power of Financial Quantification of Cyber Risk
In today’s complex threat landscape, gut feelings and disparate risk scores are no longer sufficient for effective cyber risk management. Organizations need concrete, data-driven insights to make informed decisions, prioritize security investments, and ultimately, protect their bottom line. This is…
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader
A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. “Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,” Palo…
When Security Gets Too Complicated: A Return to Basics
In the cybersecurity industry, we’ve become obsessed with complexity. Every conference showcase features dazzling new AI-infused solutions, quantum-resistant algorithms, and blockchain-secured systems promising to revolutionize our defenses. Vendors pitch increasingly sophisticated tools with astronomical price tags, and leadership teams eagerly…
XorDDoS Malware Upgrade Enables Creation of Advanced DDoS Botnets
Cisco Talos has uncovered significant advancements in the XorDDoS malware ecosystem, revealing a multi-layered infrastructure enabling sophisticated distributed denial-of-service (DDoS) attacks through a new “VIP version” of its controller and a centralized command system. Between November 2023 and February 2025,…
Researchers Uncover Stealthy Tactics and Techniques of StrelaStealer Malware
Cybersecurity experts have recently shed light on the sophisticated operations of StrelaStealer, also known by its alias Strela, revealing a suite of stealthy tactics employed in its information theft campaigns. This malware, spotlighted by IBM Security X-Force for its association…
PoC Released for Linux Kernel Vulnerability Allowing Privilege Escalation
A security vulnerability, tracked as CVE-2024-53141, has recently come to light in the Linux kernel’s ipset component. This flaw enables out-of-bounds (OOB) write on the kernel heap, which threat actors can exploit to execute arbitrary code with elevated privileges. Security researchers…
SpyMax Android Spyware: Full Remote Access to Monitor Any Activity
Threat intelligence experts at Perplexity uncovered an advanced variant of the SpyMax/SpyNote family of Android spyware, cleverly disguised as the official application of the Chinese Prosecutor’s Office (检察院). This malicious software was targeting Chinese-speaking users in mainland China and Hong…
KeyPlug Malware Server Leak Exposes Fortinet Firewall and VPN Exploitation Tools
Cybersecurity researchers have stumbled upon a treasure trove of operational tools and scripts linked to the KeyPlug malware, associated with the threat group RedGolf, also known as APT41. The server, which was inadvertently exposed for less than 24 hours, provided…
Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
CVE-2021-20035, an old vulnerability affecting Sonicwall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers. Sonicwall confirmed it by updating the original security advisory to reflect the new state of play, and by changing the description of…
Cybersecurity Talent Gap
I love my job This isn’t said sarcastically or trying to convince myself. I genuinely love my job. I love my company and coworkers and the ability to help clients. I think I have the best job out there and…
U.S. CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple products and Microsoft Windows NTLM vulnerabilities to its Known Exploited…
How Security Analyst Using Memory Forensics Tools To Enhance Advanced Incident Response
Memory forensics has become an indispensable component of modern incident response strategies, enabling security teams to detect and analyze sophisticated threats that would otherwise remain hidden. Unlike traditional disk forensics, memory analysis provides insights into running processes, network connections, and…
How To Use YARA Rules To Identify Financial Sector Targeted Attacks
The financial sector faces increasingly sophisticated cyber threats, with system intrusion remaining the leading attack pattern for the third consecutive year. Advanced Persistent Threat (APT) groups specifically target financial institutions using various tools, techniques, and procedures. YARA rules provide a…
Web Server Hardening Best Practices For Organizations Across Industries
Web server hardening is a critical security process that reduces an organization’s attack surface and helps defend against ransomware, malware, and other cyberthreats. In today’s threat landscape, web servers are prime targets for attackers as they often serve as the…
In Other News: 4chan Hacked, Android Auto-Reboot, Nemesis Admin Charged
Noteworthy stories that might have slipped under the radar: 4chan hacked, auto-reboot security feature coming to Android, Iranian administrator of Nemesis charged in US. The post In Other News: 4chan Hacked, Android Auto-Reboot, Nemesis Admin Charged appeared first on SecurityWeek.…
AMD Warns Of $800m Charge From US Chip Restrictions On China
Another big name chip maker expects a hefty financial charge, after the US tightened rules over exporting chips to China This article has been indexed from Silicon UK Read the original article: AMD Warns Of $800m Charge From US Chip…