The cybersecurity landscape has witnessed a dramatic evolution in attack methodologies, with fileless malware emerging as one of the most sophisticated and dangerous threats facing organizations today. Unlike traditional malware that relies on executable files stored on disk, fileless attacks…
Chinese Hackers Compromising High-Value IIS Servers to Manipulate Search Rankings
The Chinese-speaking cybercrime group UAT-8099 has been stealthily breaching valuable Internet Information Services (IIS) servers in India, Thailand, Vietnam, Canada, and Brazil to carry out extensive search engine optimization (SEO) fraud. This campaign, which began surfacing in early 2025, leverages…
DrayOS Routers Vulnerability Let Attackers Execute Malicious Code Remotely
A critical vulnerability has been discovered in DrayTek’s DrayOS routers, which could allow unauthenticated remote attackers to execute malicious code. The flaw, tracked as CVE-2025-10547, affects a wide range of Vigor router models, prompting administrators to apply security updates urgently.…
TOTOLINK X6000R Router Vulnerabilities Let Remote Attackers Execute Arbitrary Commands
Critical security flaws have been discovered in the TOTOLINK X6000R wireless router, exposing users to severe risks of remote code execution and unauthorized system access. These vulnerabilities affect the router’s web interface and various administrative functions, creating multiple attack vectors…
Oracle tells Clop-targeted EBS users to apply July patch, problem solved
Researchers suggest internet-facing portals are exposing ‘thousands’ of orgs. Oracle has finally broken its silence on those Clop-linked extortion emails, but only to tell customers what they already should have known: patch your damn systems.
Unauthenticated RCE Flaw Patched in DrayTek Routers
The security defect can be exploited remotely via crafted HTTP/S requests to a vulnerable device’s web user interface. The post Unauthenticated RCE Flaw Patched in DrayTek Routers appeared first on SecurityWeek.
Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security
Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming to address the increasing complexity of credential storage and sharing in modern organizations. The platform recently received a major update that reworks all the core…
GhostSocks Malware-as-a-Service Turns Compromised Devices into Proxies for Threat Actors
On October 15, 2023, a threat actor using the handle GhostSocks published a sales post on the Russian cybercrime forum xss[.]is advertising a novel Malware-as-a-Service (MaaS) offering. The post introduced GhostSocks, a service designed to turn compromised Windows machines into…
IT Security News Hourly Summary 2025-10-03 12h : 6 posts
6 posts were published in the last hour 10:2 : What Is Identity Threat Detection and Response? 10:2 : Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks 10:2 : Enterprise Vulnerability Management: Key Processes and Tools 10:2 :…
SideWinder Hacker Group Targets Users with Fake Outlook/Zimbra Portals to Steal Login Credentials
The notorious SideWinder APT group has intensified its credential harvesting operations across South Asia, deploying sophisticated phishing campaigns that target government, defense, and critical infrastructure organizations through fake webmail portals. The campaign represents a significant escalation from the group’s August…
MokN Raises $3 Million for Phish-Back Solution
The French cybersecurity startup tricks attackers into revealing stolen credentials so they can be neutralized. The post MokN Raises $3 Million for Phish-Back Solution appeared first on SecurityWeek.
Organizations Warned of Exploited Meteobridge Vulnerability
Patched in mid-May, the security defect allows remote unauthenticated attackers to execute arbitrary commands with root privileges. The post Organizations Warned of Exploited Meteobridge Vulnerability appeared first on SecurityWeek.
New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT
A threat actor that’s known to share overlaps with a hacking group called YoroTrooper has been observed targeting the Russian public sector with malware families such as FoalShell and StallionRAT. Cybersecurity vendor BI.ZONE is tracking the activity under the moniker…
Hackers Target Unpatched Flaws in Oracle E-Business Suite
Patches for the targeted vulnerabilities were released in Oracle’s July 2025 security update. This article has been indexed from www.infosecurity-magazine.com.
Hackers Exploit Grafana Vulnerability Allowing Arbitrary File Reads
Researchers at GreyNoise observed a sudden spike in attempts to exploit a well-known Grafana flaw. This vulnerability, tracked as CVE-2021-43798, allows attackers to traverse paths on a server and read any file they choose. Over the course of a single…
Threat Actors Mimic Popular Brands to Deceive Users and Deploy Malware in New Wave of Attacks
Cybercriminals have launched a sophisticated campaign that leverages brand impersonation techniques to distribute malware through deceptive SMS phishing (smishing) attacks. This emerging threat demonstrates an evolution in social engineering tactics, where attackers strategically craft URLs containing trusted brand names to…
Top 10 Best Account Takeover Protection Tools in 2025
Account Takeover (ATO) attacks have become one of the most pressing security concerns for businesses in 2025. With the rise of credential stuffing, phishing, brute force attacks, and bot-driven fraud, organizations must reinforce their digital defenses. Account takeover can lead…
New ‘Point-and-Click’ Phishing Kit Bypasses User Awareness and Security Filters to Deliver Malicious Payloads
A novel phishing kit has surfaced that enables threat actors to craft sophisticated lures with minimal technical expertise. This “point-and-click” toolkit combines an intuitive web interface with powerful payload delivery mechanisms. Attackers can select from preconfigured templates, customize branding elements,…
Threat Actors Leveraging WhatsApp Messages to Attack Windows Systems With SORVEPOTEL Malware
Enterprise networks worldwide are facing an aggressive, self-propagating malware campaign that exploits WhatsApp as its primary delivery mechanism. First observed in early September 2025 targeting Brazilian organizations, SORVEPOTEL spreads through convincing phishing messages carrying malicious ZIP attachments. Upon execution, the…
SideWinder Hacker Group Hosting Fake Outlook/Zimbra Portals to Steal Login Credentials
APT SideWinder, a state-sponsored threat actor long associated with espionage across South Asia, has recently launched a campaign deploying phishing portals that mimic legitimate Outlook and Zimbra webmail services. Emerging in mid-2025, this operation uses free hosting platforms such as…
WestJet Data Breach Impacts 1.2 Million Customers
WestJet revealed that customer personal details and membership data were stolen in the June 2025 attack. This article has been indexed from www.infosecurity-magazine.com.
What Is Identity Threat Detection and Response?
Key insights: What is identity threat detection and response (ITDR)? What are the differences and similarities between ITDR and EDR? What are the alternatives to ITDR? Identity Threat Detection and Response (ITDR) is a comparatively new term in the cybersecurity…
Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks
The software giant’s investigation showed that vulnerabilities patched in July 2025 may be involved. The post Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks appeared first on SecurityWeek.
Enterprise Vulnerability Management: Key Processes and Tools
Learn about key processes and tools for enterprise vulnerability management, including vulnerability scanning, risk prioritization, and remediation strategies. The post Enterprise Vulnerability Management: Key Processes and Tools appeared first on Security Boulevard.