Supervisory Control and Data Acquisition (SCADA) systems play a pivotal role in managing critical infrastructure across sectors like energy, manufacturing, and more. However, this digital transformation also brings with it a heightened vulnerability to cyber threats. Recent research by our…
Category: EN
Elastic expands partnership with Tines to scale security operations
Elastic announced an expanded partnership with an integrated offering that includes Tines Workflow Automation and the Elastic Search AI Platform to simplify security and observability workflow automation. The partnership equips security teams with security orchestration, automation and response (SOAR) and…
AI In Software Development: Balancing Innovation and Security in An Era of Lowered Barriers
AI is reshaping software development. The advent of sophisticated AI models such as DeepSeek and Ghost GPT has democratized access to powerful AI-assisted coding tools, pushing the boundaries of innovation… The post AI In Software Development: Balancing Innovation and Security…
Attackers Hide Malicious Word Files Inside PDFs to Evade Detection
A newly identified cybersecurity threat involves attackers embedding malicious Word files within PDFs to deceive detection systems. This technique, confirmed by JPCERT/CC, exploits the fact that files created using MalDoc in PDF can be opened in Microsoft Word, even though…
Sante PACS Server Flaws Allow Remote Attackers to Download Arbitrary Files
Recently, several critical vulnerabilities were discovered in Sante PACS Server version 4.1.0, leaving it susceptible to severe security breaches. These vulnerabilities, identified by CVE-2025-2263, CVE-2025-2264, CVE-2025-2265, and CVE-2025-2284, expose the server to potential attacks that can lead to unauthorized access, data breaches, and denial-of-service…
Is Firebase Phishing a Threat to Your Organization?
Check Point researchers have uncovered a sophisticated credential harvesting attack that leverages Firebase, a popular web application hosting service. This attack involves the creation of highly convincing and professionally designed phishing web pages that impersonate well-known services. The attackers also…
Linux Foundation’s trust scorecards aim to battle rising open-source security threats
How do you tell the difference between trustworthy open-source developers and hackers? Here’s one idea. This article has been indexed from Latest stories for ZDNET in Security Read the original article: Linux Foundation’s trust scorecards aim to battle rising open-source…
Ex-US Cyber Command chief: Europe and 5 Eyes can’t fully replicate US intel
Cue deepening existential European dread as Rest of World contemplates Trump turning off the info tap If the United States stopped sharing cyber-threat intel with Ukraine, its European allies and the rest of the Five Eyes nations wouldn’t be able…
Researchers name several countries as potential Paragon spyware customers
The Citizen Lab said it believes several governments may be customers of spyware maker Paragon Solutions. © 2024 TechCrunch. All rights reserved. For personal use only. This article has been indexed from Security News | TechCrunch Read the original article:…
Hackers Leveraging Azure App Proxy Pre-authentication to Access Orgs Private Network Resources
Recent security findings reveal that threat actors are actively exploiting misconfigured Azure application proxies to gain unauthorized access to organizations’ internal resources. When Azure app proxy pre-authentication is set to “Passthrough” instead of the default “Microsoft Entra ID” setting, private…
PHP RCE Vulnerability Actively Exploited in Wild to Attack Windows-based Systems
Security researchers at Bitdefender Labs have detected a significant surge in exploitation attempts targeting a critical PHP vulnerability that allows attackers to execute malicious code on Windows-based systems. The vulnerability, tracked as CVE-2024-4577, has been actively exploited since June 2024,…
MirrorFace Hackers Customized AsyncRAT Execution Chain to Run Within Windows Sandbox
The China-aligned advanced persistent threat (APT) group MirrorFace has updated its tactics, techniques, and procedures (TTPs) with a sophisticated approach to deploying malware. Known primarily for targeting Japanese entities, the group has expanded its operations to include a Central European…
Threat Actors Exploiting DLL Side-Loading Vulnerability in Google Chrome to Execute Malicious Payloads
Cybersecurity researchers have identified a concerning new attack vector where threat actors are actively exploiting a vulnerability in Google Chrome version 133.0.6943.126 through DLL side-loading techniques. This sophisticated attack allows malicious code execution through Chrome’s trusted subprocesses, creating a significant…
Hackers Abuse Cobalt Strike, SQLMap & Other Tools to Target Organizations’ Web Applications
Cybersecurity experts have uncovered a sophisticated campaign targeting enterprise web applications through the abuse of legitimate penetration testing tools. Threat actors are increasingly leveraging professional security tools including Cobalt Strike, SQLMap, and other reconnaissance utilities to compromise corporate networks with…
Industry Moves for the week of March 17, 2025 – SecurityWeek
Explore industry moves and significant changes in the industry for the week of March 17, 2025. Stay updated with the latest industry trends and shifts. This article has been indexed from SecurityWeek Read the original article: Industry Moves for the…
Chinese Hacking Group MirrorFace Targeting Europe
Chinese hacking group MirrorFace has targeted a Central European diplomatic institute with the Anel backdoor and AsyncRAT. The post Chinese Hacking Group MirrorFace Targeting Europe appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Windows has an 8-year-old security issue that is exploited and known by Microsoft for some time
Microsoft is doing a commendable job when it comes to Windows security. Keeping billions of devices secure is no small feat. Sometimes, however, it appears that someone at Microsoft is pushing the […] Thank you for being a Ghacks reader.…
Reimagining the future of connectivity with Network 2.0
The internet, as we know it today, is built on flawed architecture, it is bidirectional. Every online action – whether it be browsing, shopping, or socialising – comes at the risk of cyberattacks in the form of phishing, malware and…
Hackers Hide VenomRAT Malware Inside Virtual Hard Disk Image File
Hackers are using .VHD files to spread VenomRAT malware, bypassing security software, reveals Forcepoint X-Labs. Learn how this stealthy attack works and how to protect yourself. This article has been indexed from Hackread – Latest Cybersecurity, Tech, AI, Crypto &…
ClearFake Infects 9,300 Sites, Uses Fake reCAPTCHA and Turnstile to Spread Info-Stealers
The threat actors behind the ClearFake campaign are using fake reCAPTCHA or Cloudflare Turnstile verifications as lures to trick users into downloading malware such as Lumma Stealer and Vidar Stealer. ClearFake, first highlighted in July 2023, is the name given…