As you may have noticed by some of my recent diaries, I have spent a bit more time on ssh and telnet credentials. These credentials are collected by Cowrie, the amazing full features SSH and Telnet honeypot maintained by Michel…
Tag: EN
White House reportedly blames auto-suggested iPhone contact for Signal scandal
How did Atlantic editor-in-chief Jeffrey Goldberg get added to a Signal group chat with Trump administration officials discussing their plans for an airstrike in Yemen? The simplest explanation: National Security Adviser Mike Waltz had Goldberg saved as a contact in…
BSidesLV24 – HireGround – How Living And Quilting History Made Me A Better Cybersecurity Professional
Author/Presenter: Mea Clift Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel. Permalink The post BSidesLV24…
North Korean Hackers Use 11 Malicious npm Packages to Propagate BeaverTail Malware
The North Korean threat actors behind the ongoing Contagious Interview campaign are expanding their tentacles on the npm ecosystem by distributing more malicious packages including the BeaverTail malware and a new remote access trojan (RAT) loader. “These latest samples…
Russia Accused of Carrying Out Over 50 Secret Operations Across Europe
In the last few years since the war in Ukraine began, several European countries have experienced unusual and suspicious activities. These events include online attacks, spying, fires, and efforts to spread false information. Investigations suggest that many of these…
Hackers Exploit WordPress Logins, Secretly Run Codes
Threat actors are exploiting the WordPress mu-plugins (“Must-Use Plugins”) directory to secretly execute malicious code on each page while avoiding detection. The technique was first observed by security researchers at Sucuri in February 2025, but adoption rates are on the…
What Are USB Kill Sticks and How They Can Destroy Your Devices
Most people think of USB drives as simple tools for storing and transferring files. But not all USB sticks are as harmless as they appear. Some, known as “USB Kill Sticks” or “USB Killers,” are specifically designed to damage…
Check Point Downplays Hacker’s Claims Amid Alleged Data Breach
A hacker using the alias “CoreInjection” has claimed responsibility for stealing what they describe as a “highly sensitive” dataset from cybersecurity firm Check Point. According to several media reports, the alleged stolen data includes user login credentials, employee contracts,…
Smishing Triad Broadens Fraud Campaign to Include Toll Payment Services
Tolling agencies throughout the United States are battling an escalating cybersecurity threat that is causing deceptive text message scams, which are often called smishing, to escalate. As a result of these fraudulent campaigns, unsuspecting motorists are lured into clicking…
Hack The box “Ghost” Challenge Cracked – A Detailed Technical Exploit
Cybersecurity researcher “0xdf” has cracked the “Ghost” challenge on Hack The Box (HTB), a premier platform for honing penetration testing skills, and shared an exhaustive technical breakdown on their GitLab blog. The write-up chronicles a sophisticated attack that navigates through…
Sec-Gemini v1 – Google’s New AI Model for Cybersecurity Threat Intelligence
Google has unveiled Sec-Gemini v1, an AI model designed to redefine cybersecurity operations by empowering defenders with advanced threat analysis, vulnerability assessment, and incident response capabilities. The experimental system, developed by a team led by Elie Burzstein and Marianna Tishchenko,…
Security Affairs newsletter Round 518 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A flaw in…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 40
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure Unboxing Anubis: Exploring the Stealthy Tactics of FIN7’s…
Why neglecting AI ethics is such risky business – and how to do AI right
Companies that combine innovation and trust have a competitive edge. Discover the best practices that ensure ethical, sustainable deployment. This article has been indexed from Latest stories for ZDNET in Security Read the original article: Why neglecting AI ethics is…
Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC
A researcher used ChatGPT-4o to create a replica of his passport in just five minutes, realistic enough to deceive most automated KYC systems. Polish researcher Borys Musielak (@michuk) used ChatGPT-4o to generate a fake passport in just five minutes. The…
Week in review: Probing activity on Palo Alto Networks GlobalProtect portals, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are probing Palo Alto Networks GlobalProtect portals Cybersecurity company GreyNoise is warning about a significant increase of scanning activity targeting internet-facing Palo Alto Networks…
10 Best Ransomware File Decryptor Tools – 2025
Ransomware file decryptor tools are essential for recovering data encrypted by malicious software without paying ransoms. These tools help victims regain access to their files by using decryption keys or algorithms to unlock the encrypted data. The No More Ransom…
U.S. Secures Extradition of Rydox Cybercrime Marketplace Admins from Kosovo in Major International Operation
The United States has successfully extradited two Kosovo nationals, Ardit Kutleshi, 26, and Jetmir Kutleshi, 28, from Kosovo to face charges in the Western District of Pennsylvania for their alleged roles as administrators of the Rydox cybercrime marketplace. The Rydox…
Microsoft Strengthens Outlook’s Email Ecosystem to Protect Inboxes
Microsoft Outlook will enforce stricter authentication requirements for high-volume senders, impacting domains that send over 5,000 emails daily. These changes, which will take effect on May 5, 2025, aim to enhance inbox protection and maintain trust in digital communication. Outlook’s…
Smart Strategies for Managing Machine Identities
Why is Smart Machine Identity Management Crucial? What comes to your mind when you think about cybersecurity? Most often, we conceptualize cybersecurity as a measure to protect user data, financial information, and other forms of human-associated identities. While these are…