Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has…
Category: EN
10 Best UTM (Unified Threat Management) Firewalls – 2025
Unified Threat Management (UTM) firewall is a comprehensive cybersecurity solution that integrates multiple security functions into a single platform or appliance. It is designed to simplify security management, reduce costs, and provide robust protection against a variety of cyber threats. UTM solutions are especially popular among…
Hackers Use Forked Stealer to Breach Russian Businesses
As of January 2025, there were multiple attacks on Russian organizations across several industries, including finance, retail, information technology, government, transportation, and logistics, all of which have been targeted by BI.ZONE. The threat actors have used NOVA stealer, a…
Youthmanual – 937,912 breached accounts
In January 2019, the Indonesian college and career platform Youthmanual suffered a data breach that exposed 1.1M records of data. The breached included 938k unique email addresses along with extensive personal information including names, genders, dates and places of birth,…
Hackers Compromising IIS Servers to Deploy BadIIS Malware
A widespread campaign targeting Microsoft Internet Information Services (IIS) servers to deploy the BadIIS malware, a tool used for search engine optimization (SEO) fraud and malicious content injection. The campaign, attributed to the Chinese-speaking hacking group DragonRank, has affected over…
Justifying the Investment in Cloud Compliance
Why is Cloud Compliance Investment a Necessity? I often get asked, “Why is cloud compliance investment a necessity?” The answer is simple; it’s all about securing non-human identities (NHIs) and managing secrets. By understanding the importance of NHIs and secrets…
Getting Better at Detecting Cyber Threats
A Question of Preparedness: How Prepared Are You In Detecting Cyber Threats? How confident are you in your organization’s ability in detecting cyber threats? As more and more industries venture on full-scale digitization, the risks associated with cybersecurity also exponentially…
Exciting Advances in Privileged Access Management
Why should we be excited about Privileged Access Management? Have you ever pondered the gravity of the implications of not managing Non-Human Identities (NHIs) and their Secrets in your company’s cybersecurity strategy? The rapid digitization of industries such as healthcare,…
PlayStation Network Down; Outage Leaves Gamers Frustrated
PlayStation Network Down: PSN is experiencing a major outage, affecting account login, online gaming, PlayStation Store, and more.… This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read the original article: PlayStation Network Down;…
PlayStation Network outage has been going on for over 24 hours
PlayStation Network has been down for nearly a day, with little communication from Sony, leaving players frustrated. PlayStation Network has been down for almost a day all over the world, Sony confirmed it is aware of the global outage, but has…
Hackers Monetize LLMjacking, Selling Stolen AI Access for $30 per Month
LLMjacking attacks target DeepSeek, racking up huge cloud costs. Sysdig reveals a black market for LLM access has… This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read the original article: Hackers Monetize LLMjacking,…
Crypto Wallet Scam: Not For Free, (Sat, Feb 8th)
I did some research into multisig wallets (cfr “Crypto Wallet Scam”), and discovered that setting up such a wallet on the TRON network comes with a cost: about $23. This article has been indexed from SANS Internet Storm Center, InfoCON:…
Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer
Researchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware. Kimsuky cyberespionage group (aka ARCHIPELAGO, Black…
DEF CON 32 – From Easy Wins To Epic Challenges: Bounty Hunter Edition
Author/Presenter: Daniel Blaklis Le Gall Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.…
Mastercard to Eliminate 16-Digit Card Numbers by 2030 for Enhanced Security
In a strategic move to combat identity theft and fraud, Mastercard has announced plans to remove the traditional 16-digit card number from credit and debit cards by 2030. Instead, the company will implement tokenization and biometric authentication to enhance…
UK Is Ordering Apple to Break Its Own Encryption
The Washington Post is reporting that the UK government has served Apple with a “technical capability notice” as defined by the 2016 Investigatory Powers Act, requiring it to break the Advanced Data Protection encryption in iCloud for the benefit of…
Dangers of AI Phishing Scam and How to Spot Them
Supercharged AI phishing campaigns are extremely challenging to notice. Attackers use AI phishing scams with better grammar, structure, and spelling, to appear legit and trick the user. In this blog, we learn how to spot AI scams and avoid becoming…
Ethical Hacker Finds Security Flaw in Subaru Starlink, Gains Remote Access to Vehicles
A cybersecurity researcher recently discovered a serious vulnerability in Subaru’s Starlink system, allowing him to remotely control vehicles across the U.S., Canada, and Japan. The ethical hacker, Sam Curry, was able to unlock doors, start and stop engines, and…
RSA Encryption Breached by Quantum Computing Advancement
A large proportion of the modern digital world involves everyday transactions taking place on the internet, from simple purchases to the exchange of highly sensitive corporate data that is highly confidential. In this era of rapid technological advancement, quantum…
Quishing On The Rise: Strategies to Avert QR Code Phishing
QR codes are already ubiquitous: from restaurant menus to public transportation schedules, everyone wants you to scan theirs. This normalisation of scanning random QR codes is being exploited, resulting in a new cybersecurity threat known as Quishing. What is…