Researchers uncovered a critical vulnerability in Amazon Web Services (AWS) involving Amazon Machine Images (AMIs). Dubbed the “whoAMI” attack, this exploit leverages a name confusion attack, a subset of supply chain attacks, to gain unauthorized code execution within AWS accounts. …
Tag: EN
Path Confusion in Nginx/Apache Leads to Critical Auth Bypass in PAN-OS
Palo Alto Networks has recently disclosed a critical vulnerability in its PAN-OS network security operating system, tracked as CVE-2025-0108, which allows attackers to bypass authentication on the management web interface. This vulnerability, with a CVSSv3.1 score of 7.8, exposes affected…
Have I Been Pwned Likely to Ban Resellers Subscriptions
Have I Been Pwned (HIBP), a popular data breach notification service, has expressed a strong inclination to ban resellers from obtaining platform memberships. Troy Hunt made this decision after thoroughly examining the excessive support burden these resellers impose on the…
FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux
Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected in November 2024, has been attributed by…
Critical Vulnerability in Crowdstrike Falcon Sensor for Linux Enables TLS MiTM Exploits
CrowdStrike has disclosed a critical vulnerability (CVE-2025-1146) in its Falcon Sensor for Linux, its Falcon Kubernetes Admission Controller, and its Falcon Container Sensor. This flaw stems from a validation logic error in the handling of TLS (Transport Layer Security) connections,…
Russian Hackers Leverages Weaponized Microsoft Key Management Service (KMS) to Hack Windows Systems
In a calculated cyber-espionage campaign, the Russian state-sponsored hacking group Sandworm (APT44), linked to the GRU (Russia’s Main Intelligence Directorate), has been exploiting pirated Microsoft Key Management Service (KMS) activation tools to target Ukrainian Windows systems. This operation, active since…
APT43 Hackers Targeting Academic Institutions Using Exposed Credentials
APT43, also known by aliases such as Black Banshee, Emerald Sleet, and Kimsuky, is a North Korean state-sponsored cyber threat actor linked to the Reconnaissance General Bureau (RGB). This group is primarily motivated by espionage and has recently expanded its…
SaaS Security: Connecting Posture Management & Identity Risk
SaaS security posture management and identity risk are deeply connected. Learn how to unify visibility, automation, and control to protect your SaaS ecosystem. The post SaaS Security: Connecting Posture Management & Identity Risk appeared first on Security Boulevard. This article…
Grip SSPM: Next Evolution in SaaS Identity Risk Management
Grip SSPM enhances SaaS security by automating misconfiguration fixes, engaging app owners, and unifying risk management for a smarter, proactive defense. The post Grip SSPM: Next Evolution in SaaS Identity Risk Management appeared first on Security Boulevard. This article has…
Salvador Tech releases Edge-Recovery Platform
Salvador Tech introduced a Edge-Recovery Platform, a leap forward in comprehensive cyber resilience in the Operational Technology (OT) and Industrial Control Systems (ICS) landscape. This new platform will deliver a solution that enables instant recovery for manufacturers and critical infrastructure…
DOGE hacks America? U.S. adversaries turn to cybercriminals? New LiDAR system ID faces a km away?
DOGE is hacking America This Ad-Tech company is powering surveillance of US military personnel Apple and Google take down malicious mobile apps from their app stores Huge thanks to our sponsor, Vanta Do you know the status of your compliance…
Amazon Machine Image Vulnerability Allows Hackers to Publish Fake Resources
A new security vulnerability targeting Amazon Machine Images (AMIs) has emerged, exposing organizations and users to potential exploitation. Dubbed the “whoAMI name confusion attack,” this flaw allows attackers to publish malicious virtual machine images under misleading names, tricking unsuspecting users…
CrowdStrike just killed 40 hours of SOC pain: Here’s how they did it
CrowdStrike is launching Charlotte AI Detection Triage, saving SOC teams over 40 hours a week and delivering over 98% accuracy. This article has been indexed from Security News | VentureBeat Read the original article: CrowdStrike just killed 40 hours of…
Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron
The Sarcoma ransomware group announced a breach of the Taiwanese printed circuit board (PCB) manufacturing giant Unimicron. The Sarcoma ransomware group claims to have breached Taiwanese PCB manufacturer Unimicron, leaked sample files, and threatened a full data release if no…
Doxbin (TOoDA) – 136,461 breached accounts
In February 2025, the "doxing" website Doxbin was compromised by a group calling themselves "TOoDA" and the data dumped publicly. Included in the breach were 336k unique email addresses alongside usernames. The data was provided to HIBP by a source…
Sekoia.io achieves ISO 27001 compliance
This article is also available in French here. Today, we are pleased to celebrate a major achievement for Sekoia.io with the attainment of the ISO/IEC 27001:2022 certification. In this blog post, we’ll explain the journey to this high-end certification. What…
Hackers Using Pyramid Pentesting Tool For Stealthy C2 Communications
Hackers have been leveraging the open-source Pyramid pentesting tool to establish stealthy command-and-control (C2) communications. Pyramid, first released on GitHub in 2023, is a Python-based post-exploitation framework designed to evade endpoint detection and response (EDR) tools. Its lightweight HTTP/S server…
Mysterious Palo Alto firewall reboots? You’re not alone
Limited-edition hotfix to get wider release before end of month Administrators of Palo Alto Networks’ firewalls have complained the equipment falls over unexpectedly, and while a fix has bee prepared, it’s not yet generally available.… This article has been indexed…
How CIOs can lead the charge on AI, data, and business innovation
The growing momentum behind business innovation, particularly in the realm of AI and data, is increasingly driving how businesses operate, invest, and deliver value. Whilst this may not appear different from previous years, the proliferation of new technologies and tools…
BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard’s Attacks
Microsoft Threat Intelligence has exposed a subgroup within the Russian state actor Seashell Blizzard, known as the “BadPilot campaign.” This subgroup has been conducting a multiyear operation to compromise Internet-facing infrastructure globally, expanding Seashell Blizzard’s reach beyond Eastern Europe. The…