The title of this diary is based on the string I found in a malicious Python script that implements many anti-debugging techniques. If some were common, others were interesting and demonstrated how low-level high-level languages like Python can access operating…
Tag: EN
Beware of Lazarus LinkedIn Recruiting Scam Targeting Org’s To Deliver Malware
The North Korea-linked Lazarus Group (aka APT 38) has been targeting organizations through a LinkedIn recruiting scam. Through this scam threat actors behind Lazarus Group aim to capture the credentials and deliver malware. This malicious operation exploits the trust in…
Ubuntu is Now Available on New Windows Subsystem for Linux Distribution Architecture
Canonical, the company behind Ubuntu, has announced that Ubuntu is now available on Microsoft’s new tar-based distribution architecture for Windows Subsystem for Linux (WSL). This development marks a significant shift in how Linux distributions can be deployed and managed within…
Weaponizing Windows Background Images to Gain Admin Access Using AnyDesk Vulnerability
A recently disclosed vulnerability in AnyDesk, a widely used remote desktop software, has raised significant cybersecurity concerns. The vulnerability identified by CVE-2024-12754 and tracked by ZDI-24-1711 allows local attackers to exploit the handling of Windows background images to gain unauthorized…
Cyabra Insights protects against AI-driven digital disinformation
Cyabra introduces Insights, a new AI-feature designed to transform complex social media disinformation data into clear, actionable answers in seconds. False narratives, fake accounts, and AI-generated content are spreading faster than ever, costing businesses and governments billions annually and eroding…
Spain arrests hacker, FCC Robocallers, Ransoms decrease 35%
Spain arrests hacker of U.S. and Spanish military agencies Robocallers called the FCC pretending to be from the FCC Ransomware payments decreased 35% year-over-year Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint…
MobSF Framework Zero-Day Vulnerability Allows Attackers to Trigger DoS in Scan Results
A recently discovered zero-day vulnerability in the Mobile Security Framework (MobSF) has raised alarms in the cybersecurity community. The vulnerability, which allows attackers to cause a partial Denial of Service (DoS) on scan results and the iOS Dynamic Analyzer functionality,…
Comparing “Records of Processing Activities” (ROPA) and “Data Protection Impact Assessments” (DPIA) (with Podcast)
Understanding ROPA and DPIA: Key GDPR Concepts for Tech Companies Podcast of this article: Let’s explore two essential components of GDPR compliance: Records of Processing Activities (ROPA) and Data Protection Impact Assessments (DPIA). ROPA provides a comprehensive…
AnyDesk Flaw Allows Admin Access Through Weaponized Windows Wallpapers
Cybersecurity enthusiasts and IT administrators worldwide are voicing concerns over a newly discovered vulnerability in AnyDesk that could lead to local privilege escalation (LPE). The vulnerability, identified as CVE-2024-12754 and coordinated by Trend Micro’s Zero Day Initiative, allows attackers to weaponize Windows…
Why Cybersecurity Is Everyone’s Responsibility
For long-time cybersecurity industry veterans, we’re in an age that once we never thought possible; cybersecurity has moved from a backroom, “IT-only” relegation to a top-of-mind business objective. Right where we always thought it should be. However, this new era…
DeepSeek’s New Jailbreak Method Reveals Full System Prompt
The Wallarm Security Research Team unveiled a new jailbreak method targeting DeepSeek, a cutting-edge AI model making waves in the global market. This breakthrough has exposed DeepSeek’s full system prompt—sparking debates about the security vulnerabilities of modern AI systems and…
University site cloned to evade ad detection distributes fake Cisco installer
Malvertisers got inspired by the website for a German university to bypass ad security and distribute malware. This article has been indexed from Malwarebytes Read the original article: University site cloned to evade ad detection distributes fake Cisco installer
Ubuntu Officially Available on the Updated Windows Subsystem for Linux
Ubuntu has announced its availability on Microsoft’s new tar-based Windows Subsystem for Linux (WSL) distribution architecture. This enhancement simplifies deployment and improves scalability, making Ubuntu on WSL more accessible and optimized for enterprise environments. Ubuntu has long been a popular…
Password Stealing Malware Attacking macOS Users Increasing Rapidly
In recent months, macOS users have faced a significant rise in password-stealing malware attacks. These threats, often distributed through malicious advertising and fake application installers, have become increasingly sophisticated. Three prominent malware types, “Atomic Stealer,” “Poseidon Stealer,” and “Cthulhu Stealer”…
IT Liability Concerns
According to research, the number of data breaches is increasing year over year. Worse yet, for businesses, data loss may not be the most considerable cost associated with an IT incident — it could result in a lawsuit from customers,…
Qualys Report Raises Red Flags in DeepSeek-RI Security
A recent security analysis conducted by Qualys, using its AualysTotalAI solution, has raised significant concerns about DeepSeek-RI’s risks, particularly in enterprise and regulatory settings. The newly released large language model (LLM) has captured global attention with its promise of high…
The overlooked risks of poor data hygiene in AI-driven organizations
In this Help Net Security interview, Oliver Friedrichs, CEO at Pangea, discusses why strong data hygiene is more important than ever as companies integrate AI into their operations. With AI-driven applications handling sensitive enterprise data, poor access controls and outdated…
Credential-stealing malware surges in 2024
Malware designed to steal credentials from password stores now accounts for 25% of all malware activity—a dramatic threefold increase in this type of threat. This was one of the findings of Picus Security’s annual cybersecurity analysis, The Red Report 2025.…
Critical Cisco ISE Vulnerabilities Allow Arbitrary Command Execution Remotely
Cisco has disclosed two critical vulnerabilities in its Identity Services Engine (ISE) software that could allow authenticated, remote attackers to execute arbitrary commands, elevate privileges, and manipulate system configurations on affected devices. These vulnerabilities tracked as CVE-2025-20124 and CVE-2025-20125, have…
New Malware Attacking Users of Indian Banks To Steal Aadhar, PAN, ATM & Credit Card PINs
A recent cybersecurity threat has emerged in India, targeting users of various Indian banks with a sophisticated malware campaign. This campaign, discovered by the zLabs research team, involves nearly 900 malware samples designed to steal sensitive financial and personal data,…