One of my hunting rules triggered some suspicious Python code, and, diving deeper, I found an interesting example of DLL side-loading. This technique involves placing a malicious DLL with the same name and export structure as a legitimate DLL in…
Category: EN
Cobalt Strike 4.11 Released with Built-In Evasion Features for Red Teams
Cobalt Strike, a highly advanced threat emulation tool, has released version 4.11, packing a robust suite of features designed to enhance evasion capabilities for red teams. This latest update introduces several novel technologies and improvements, solidifying Cobalt Strike’s position as…
Google Released Open Source Version of OSV-Scanner Tool for Vulnerability Scanning
Google has officially launched OSV-Scanner V2.0.0, a major upgrade to its open-source vulnerability scanning tool. Released on March 17, 2025, this new version represents a significant evolution in helping developers identify and fix security vulnerabilities in their software dependencies. The…
Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets
Microsoft is calling attention to a novel remote access trojan (RAT) named StilachiRAT that it said employs advanced techniques to sidestep detection and persist within target environments with an ultimate aim to steal sensitive data. The malware contains capabilities to…
Extortion crew threatened to inform Edward Snowden (?!) if victim didn’t pay up
Don’t laugh. This kind of warning shows crims are getting desperate Dark web analysts at infosec software vendor Fortra have discovered an extortion crew named Ox Thief that threatened to contact Edward Snowden if a victim didn’t pay to protect…
GitHub repositories targeted, Apache Tomcat RCE exploit, BEC campaigns target Microsoft 365
23,000 repositories targeted in popular GitHub action Apache Tomcat RCE exploit hits servers—no authentication required Microsoft 365 users targeted in new BEC campaigns Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name,…
Thousands of British musicians fall silent over government AI plans
More than 1,000 British musicians have released a groundbreaking protest album titled “Is This What We Want?” Featuring notable artists such as Kate Bush, Annie… The post Thousands of British musicians fall silent over government AI plans appeared first on…
PoC Exploit Released for Linux Kernel Use-After-Free Vulnerability
A proof-of-concept (PoC) exploit has been released for a use-after-free vulnerability in the Linux kernel, identified as CVE-2024-36904. This vulnerability is located in the TCP subsystem of the Linux kernel and is caused by the inet_twsk_hashdance() function inserting the time-wait socket into…
Critical Apache Tomcat RCE Vulnerability Exploited in Just 30hrs of Public Exploit
Security researchers have confirmed that a critical remote code execution (RCE) vulnerability in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The vulnerability, which enables attackers to take control of servers with a simple PUT request,…
How financial institutions can minimize their attack surface
In this Help Net Security interview, Sunil Mallik, CISO of Discover Financial Services, discusses cybersecurity threats for financial institutions. He also shares insights on balancing compliance with agility, lessons from regulatory audits, and Discover’s approach to risk management and workforce…
Cyber Attack halts a murder shooting trial in American court
To date, we have seen numerous cyberattacks targeting critical infrastructure such as hospitals, power grids, water utilities, and even nuclear plants. However, it’s less common to think about how a digital assault could directly impact the judicial system. Imagine this…
How to Identify Zero-Day Attacks and Their Repercussions
In the ever-evolving landscape of cybersecurity, one of the most alarming and dangerous threats is the Zero-Day attack. These attacks exploit vulnerabilities in software or hardware that are unknown to the vendor or have not yet been patched. Due to…
Denmark Issues Warning on Major Cyber Attacks Targeting Telecom Sector
Denmark has announced a heightened alert status for the telecommunications sector due to an increased threat from cyber attacks. According to a recent threat assessment by the Danish Agency for Social Security, the risk level for cyber espionage against the…
Hackers target AI and crypto as software supply chain risks grow
The growing sophistication of software supply chain attacks is driven by widespread flaws in open-source and third-party commercial software, along with malicious campaigns that specifically target AI and cryptocurrency development pipelines, according to a ReversingLabs report. According to ReversingLabs data,…
Google Launches Open-Source OSV-Scanner for Detecting Security Vulnerabilities
Google has announced the launch of OSV-Scanner V2, an open-source tool designed to enhance vulnerability scanning and remediation across various software ecosystems. This update follows the recent release of OSV-SCALIBR, another powerful tool in the OSV suite, which together form a comprehensive…
Cybersecurity jobs available right now: March 18, 2025
Application Security Expert monday.com | United Kingdom | Hybrid – View job details As an Application Security Expert, you will provide guidance on security best practices and compliance, and undertake security testing. Develop security testing plans and integrate them into…
SOAR vs SIEM: What’s the Difference?
The post SOAR vs SIEM: What’s the Difference? appeared first on AI Security Automation. The post SOAR vs SIEM: What’s the Difference? appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article: SOAR…
UK NHS API Flaw Exposes Critical Mobile Security Risks
A recent vulnerability discovered in an UK National Health Service HS API has once again highlighted the risks associated with insecure mobile application programming interfaces (APIs). The flaw reportedly allowed unauthorized access to sensitive patient data, raising serious concerns about…
ISC Stormcast For Tuesday, March 18th, 2025 https://isc.sans.edu/podcastdetail/9368, (Tue, Mar 18th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, March 18th, 2025…
‘Dead simple’ hijacking hole in Apache Tomcat ‘now actively exploited in the wild’
One PUT request, one poisoned session file, and the server’s yours A trivial flaw in Apache Tomcat that allows remote code execution and access to sensitive files is said to be under attack in the wild within a week of…