Modern cybersecurity operations demand more than just collecting and storing logs. The true power of a Security Information and Event Management (SIEM) system is unlocked when it is enriched with external threat intelligence, providing context and actionable insights that transform…
Tag: Cyber Security News
New SheByte PaaS Offering $199 Subscription for Cyber Criminals
In the wake of LabHost’s shutdown in April 2024, a new player has emerged in the Phishing-as-a-Service (PhaaS) landscape, positioning itself as the heir apparent to the once-dominant platform. SheByte, which officially branded its services on Telegram in May 2024…
New Android SuperCard X Malware Employs NFC-Relay Technique for Fraudulent POS & ATM Withdrawals
A sophisticated Android malware campaign dubbed ‘SuperCard X’ has emerged as a significant threat to financial institutions and cardholders worldwide. This new malicious software employs an innovative Near-Field Communication (NFC) relay technique that enables attackers to fraudulently authorize Point-of-Sale (POS)…
State Sponsored Hackers Now Widely Using ClickFix Attack Technique in Espionage Campaigns
Security researchers have identified a concerning trend in the cyber threat landscape as state-sponsored hackers from multiple countries have begun adopting a relatively new social engineering technique called “ClickFix” in their espionage operations. The technique, which emerged in early March…
New Gorilla Android Malware Intercept SMS Messages to Steal OTPs
A sophisticated new Android malware strain called “Gorilla” has emerged in the cybersecurity landscape, specifically designed to intercept SMS messages containing one-time passwords (OTPs). This malicious software operates stealthily in the background, exploiting Android’s permission system to gain access to…
New Limitations Placed on DOGE’s Access to Private Social Security Information
A federal judge has issued a preliminary injunction that significantly limits the Department of Government Efficiency’s (DOGE) access to sensitive Social Security Administration (SSA) data. The ruling, handed down yesterday, found that the government had provided DOGE with access to…
How Companies Can Safeguard Against the Next Wave of Ransomware
Ransomware is not retreating it’s evolving. Once a niche cybercrime, ransomware has become a multibillion-dollar global threat that disrupts hospitals, banks, factories, and governments. In 2025, the threat continues to grow in scope and intensity, primarily driven by the ransomware-as-a-service…
Microsoft Warns of Ransomware Exploiting Cloud Environments with New Techniques
Microsoft has issued an alert regarding sophisticated ransomware attacks targeting hybrid cloud environments in Q1 2025. These attacks exploit vulnerabilities at the intersection of on-premises infrastructure and cloud services, challenging organizations with hybrid configurations. In a significant shift, North Korean…
Hackers Actively Exploiting Critical Exchange & SharePoint Server Vulnerabilities
Microsoft has warned organizations worldwide that threat actors are ramping up their exploitation of critical vulnerabilities in on-premises Exchange Server and SharePoint Server. These attacks, observed in recent months, have enabled cybercriminals to gain persistent and privileged access to targeted…
Detecting And Responding To New Nation-State Persistence Techniques
Nation-state cyber threats have evolved dramatically over the past decade, with attackers employing increasingly sophisticated persistence techniques to maintain long-term access within targeted environments. These advanced persistent threats (APTs) are often orchestrated by government-backed groups with significant resources, making them…
How To Prioritize Threat Intelligence Alerts In A High-Volume SOC
In today’s rapidly evolving cyber threat landscape, Security Operations Centers (SOCs) face an unprecedented challenge: efficiently managing and prioritizing the overwhelming volume of security alerts they receive daily. SOC analysts often can’t read and respond to a significant portion of…
How to Implementing SOAR To Reduce Incident Response Time Effectively
In the modern digital landscape, organizations are constantly challenged by an ever-increasing volume of security alerts, sophisticated cyber threats, and the ongoing shortage of skilled cybersecurity professionals. Security Orchestration, Automation, and Response (SOAR) platforms have emerged as a transformative solution…
Leaked KeyPlug Malware Infrastructure Contains Exploit Scripts to Hack Fortinet Firewall and VPN
A server briefly linked to the notorious KeyPlug malware has inadvertently exposed a comprehensive arsenal of exploitation tools specifically designed to target Fortinet firewall and VPN appliances. The infrastructure, which security researchers have attributed to the RedGolf threat group (overlapping…
Securing the Digital Transformation Journey – What CISOs Must Consider
Digital transformation is no longer a buzzword it is a strategic imperative for organizations seeking to stay competitive in an ever-evolving landscape. As businesses embrace cloud computing, artificial intelligence, IoT, and remote work, the attack surface expands exponentially. This evolution…
How Generative AI is Changing Red Team Tactics
The rapid evolution of generative AI has fundamentally transformed the landscape of cybersecurity, especially in the context of red teaming. Traditionally, red teams have focused on simulating adversarial attacks to uncover vulnerabilities in networks, software, and infrastructure. However, the unpredictable…
Fortinet Ends SSL-VPN Support From 7.6.3 Onwards!
Fortinet has announced the complete removal of SSL VPN tunnel mode functionality in the upcoming FortiOS 7.6.3 release. This change, affecting all FortiGate models regardless of size, marks the culmination of Fortinet’s gradual phase-out of SSL VPN that began with…
How to Build a Security Champions Program Within Your Organization
In today’s hyper-connected world, cybersecurity is no longer the sole responsibility of a dedicated security team. As organizations scale and technology becomes increasingly integrated into every aspect of business, the risks and attack surfaces multiply. Yet, security teams are often…
How to Use Passive DNS To Trace Hackers Command And Control Infrastructure
Passive DNS has emerged as a critical tool for cybersecurity professionals seeking to identify and track malicious command and control (C2) infrastructure. By creating a historical record of DNS activities, security teams can follow the digital breadcrumbs left by threat…
6,000,000+ Installed Chrome Extensions Can Execute Remote Commands on User’s Browser
A major security incident has come to light involving more than six million installations of Chrome browser extensions that secretly execute remote commands, track user activity, and potentially expose sensitive information. John Tuckner of secure Annex have identified at least…
Beware! Android Spyware ‘SpyMax’ Gain Total Control of Your Android Phone
A sophisticated Android spyware campaign has been uncovered, disguising itself as the official application of the Chinese Prosecutor’s Office (检察院). This advanced variant of the SpyMax/SpyNote family targets Chinese-speaking users across mainland China and Hong Kong, exploiting Android Accessibility Services…