DERUUA

Latest news about information security vulnerabilities, threats, incidents and events

information security incidents

Prevention of security vulnerabilities, threats, and incidents described below is wiser and cheaper than forensic investigations and mitigation of the consequences of a cyber-attack.

You can get evidence of this fact from the news below.

Use our services to find and mitigate your security vulnerabilities before the security threat agents find them.




Cybersecurity Professional Standards

Discover how unified cybersecurity professional standards and the UK Cyber Security Council are redefining trust, talent, and resilience in finance.
More details.

Posted on Tue, 29 Jul 2025 11:41:52 +0000


TLPT: Threat Led Penetration Testing Explained

Discover how TLPT (threat led penetration testing) helps organizations validate defenses against real-world cyber threats. Learn who needs threat led pentesting, what drives demand, and how it differs from red teaming and classic pentesting...
More details.

Posted on Fri, 20 Jun 2025 08:00:00 +0000


EUVD Vulnerability Database: Europe’s Answer to CVE Instability

The EUVD marks a strategic shift in vulnerability management, offering a transparent and sovereign alternative to the U.S.-centric CVE system—backed by EU law.
More details.

Posted on Wed, 14 May 2025 09:11:06 +0000


Cyber Incident Response Tips for Small Businesses

Learn how small businesses can build cyber incident response plans by adapting practical strategies from the UK’s “Cyber Incident Grab Bag.”
More details.

Posted on Sat, 03 May 2025 14:06:58 +0000


CVE Under Threat: What You Need to Know

MITRE’s CVE contract expired on April 16, putting global vulnerability tracking at risk. Learn what’s happening and how the security community is responding.
More details.

Posted on Wed, 16 Apr 2025 15:01:36 +0000


Unforgivable Software Vulnerabilities

Some software vulnerabilities are unforgivable—easy to find, easy to fix, and never should’ve existed. Here’s how to spot and prevent them.
More details.

Posted on Fri, 04 Apr 2025 14:27:14 +0000


Preventing Crypto Exchange Hacks: Lessons from Bybit Heist

Bybit lost $1.4B in a North Korean hack via malware, fake UI, and blind signing. Learn key security strategies to protect exchanges from cyber threats!
More details.

Posted on Wed, 26 Feb 2025 09:27:46 +0000


Cyber Defense Using Cyber Kill Chain and MITRE ATT&CK Explained

Learn how the Cyber Kill Chain and MITRE ATT&CK Framework enhance security by identifying, detecting, and responding to cyber threats effectively.
More details.

Posted on Thu, 06 Feb 2025 13:41:48 +0000


The Future of Authentication: Passkeys vs Passwords and 2FA

Passkeys replace passwords with secure, easy logins using biometrics and cryptography, eliminating phishing, breaches, and 2FA issues.
More details.

Posted on Wed, 22 Jan 2025 09:22:47 +0000


Lessons from 2024’s Worst Cyberattacks and How to Stay Secure

Analyzing 2024’s biggest cyberattacks: breaches, vulnerabilities exploited, and actionable steps to strengthen defenses for 2025.
More details.

Posted on Mon, 13 Jan 2025 21:47:29 +0000


-
-
Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign

Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were "used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware," the Microsoft Threat Intelligence team said in a post shared on X...
More details.

Posted on Fri, 17 Oct 2025 11:33:00 +0530


North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts

A threat actor with ties to the Democratic People's Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method...
More details.

Posted on Thu, 16 Oct 2025 20:26:00 +0530


Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers, such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems...
More details.

Posted on Thu, 16 Oct 2025 20:22:00 +0530


LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv. "This...
More details.

Posted on Thu, 16 Oct 2025 19:58:00 +0530


Architectures, Risks, and Adoption: How to Assess and Choose the Right AI-SOC Platform

Scaling the SOC with AI - Why now?  Security Operations Centers (SOCs) are under unprecedented pressure. According to SACR’s AI-SOC Market Landscape 2025, the average organization now faces around 960 alerts per day, while large enterprises manage more than 3,000 alerts daily from an average of 28 different tools...
More details.

Posted on Thu, 16 Oct 2025 17:25:00 +0530


Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in 'Zero Disco' Attacks

Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS Software and IOS XE Software to deploy Linux rootkits on older, unprotected systems...
More details.

Posted on Thu, 16 Oct 2025 17:08:00 +0530


Beware the Hidden Costs of Pen Testing

Penetration testing helps organizations ensure IT systems are secure, but it should never be treated in a one-size-fits-all approach. Traditional approaches can be rigid and cost your organization time and money – while producing inferior results...
More details.

Posted on Thu, 16 Oct 2025 16:20:00 +0530


ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More

The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it’s become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive...
More details.

Posted on Thu, 16 Oct 2025 14:44:00 +0530


CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience Manager to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation...
More details.

Posted on Thu, 16 Oct 2025 09:56:00 +0530


Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months

A threat actor with ties to China has been attributed to a five-month-long intrusion targeting a Russian IT service provider, marking the hacking group's expansion to the country beyond Southeast Asia and South America...
More details.

Posted on Wed, 15 Oct 2025 22:58:00 +0530


F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion

U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into its systems and stole files containing some of BIG-IP's source code and information related to undisclosed vulnerabilities in the product...
More details.

Posted on Wed, 15 Oct 2025 21:36:00 +0530


Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain risk...
More details.

Posted on Wed, 15 Oct 2025 19:46:00 +0530


How Attackers Bypass Synced Passkeys

TLDR Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy synced passkeys. Synced passkeys inherit the risk of the cloud accounts and recovery processes that protect them, which creates material enterprise exposure...
More details.

Posted on Wed, 15 Oct 2025 17:00:00 +0530


Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its Windows 10 operating system unless the PCs are enrolled in the Extended Security Updates (ESU) program...
More details.

Posted on Wed, 15 Oct 2025 14:53:00 +0530


Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote terminal unit (RTU) products that, if successfully exploited, could result in code execution with the highest privileges...
More details.

Posted on Wed, 15 Oct 2025 12:20:00 +0530


Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2025-2611 (CVSS score: 9...
More details.

Posted on Wed, 15 Oct 2025 11:46:00 +0530


New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10...
More details.

Posted on Wed, 15 Oct 2025 11:06:00 +0530


Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year. The activity, per ReliaQuest, is the handiwork of a Chinese state-sponsored hacking group called Flax Typhoon, which is also tracked as Ethereal Panda and RedJuliett...
More details.

Posted on Tue, 14 Oct 2025 22:25:00 +0530


Moving Beyond Awareness: How Threat Hunting Builds Readiness

Every October brings a familiar rhythm - pumpkin-spice everything in stores and cafés, alongside a wave of reminders, webinars, and checklists in my inbox. Halloween may be just around the corner, yet for those of us in cybersecurity, Security Awareness Month is the true seasonal milestone...
More details.

Posted on Tue, 14 Oct 2025 17:25:00 +0530


RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing

Chipmaker AMD has released fixes to address a security flaw dubbed RMPocalypse that could be exploited to undermine confidential computing guarantees provided by Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP)...
More details.

Posted on Tue, 14 Oct 2025 17:15:00 +0530


New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data without the users' knowledge pixel-by-pixel...
More details.

Posted on Tue, 14 Oct 2025 16:48:00 +0530


What AI Reveals About Web Applications— and Why It Matters

Before an attacker ever sends a payload, they’ve already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos...
More details.

Posted on Tue, 14 Oct 2025 16:30:00 +0530


npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage Discord as a command-and-control (C2) channel to transmit stolen data to actor-controlled webhooks...
More details.

Posted on Tue, 14 Oct 2025 12:39:00 +0530


Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain

Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering an off-the-shelf malware called MonsterV2 via phishing campaigns. The Proofpoint Threat Research Team described the threat activity cluster as sophisticated, leveraging web injections and filtering checks as part of its attack chains...
More details.

Posted on Tue, 14 Oct 2025 10:58:00 +0530


⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly — one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done...
More details.

Posted on Mon, 13 Oct 2025 18:48:00 +0530


Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk

Think your WAF has you covered? Think again. This holiday season, unmonitored JavaScript is a critical oversight allowing attackers to steal payment data while your WAF and intrusion detection systems see nothing...
More details.

Posted on Mon, 13 Oct 2025 17:20:00 +0530


Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30 vendors. The activity, described as akin to an "exploit...
More details.

Posted on Mon, 13 Oct 2025 15:42:00 +0530


Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

Microsoft said it has revamped the Internet Explorer (IE) mode in its Edge browser after receiving "credible reports" in August 2025 that unknown threat actors were abusing the backward compatibility feature to gain unauthorized access to users' devices...
More details.

Posted on Mon, 13 Oct 2025 15:24:00 +0530


Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

Cybersecurity researchers are calling attention to a new campaign that delivers the Astaroth banking trojan that employs GitHub as a backbone for its operations to stay resilient in the face of infrastructure takedowns...
More details.

Posted on Mon, 13 Oct 2025 12:22:00 +0530


New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs

Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts. "Threat...
More details.

Posted on Mon, 13 Oct 2025 10:42:00 +0530


New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized access to sensitive data. The vulnerability, tracked as CVE-2025-61884, carries a CVSS score of 7...
More details.

Posted on Sun, 12 Oct 2025 22:54:00 +0530


Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Cybersecurity company Huntress on Friday warned of "widespread compromise" of SonicWall SSL VPN devices to access multiple customer environments. "Threat actors are authenticating into multiple accounts rapidly across compromised devices," it said...
More details.

Posted on Sat, 11 Oct 2025 19:00:00 +0530


Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware...
More details.

Posted on Sat, 11 Oct 2025 18:34:00 +0530


Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application (SEA) feature as a way to distribute its payloads...
More details.

Posted on Fri, 10 Oct 2025 19:55:00 +0530


Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Steal Employee Salaries

A threat actor known as Storm-2657 has been observed hijacking employee accounts with the end goal of diverting salary payments to attacker-controlled accounts. "Storm-2657 is actively targeting a range of U...
More details.

Posted on Fri, 10 Oct 2025 19:01:00 +0530


From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer (MFT) that's assessed to have come under active exploitation since at least September 11, 2025...
More details.

Posted on Fri, 10 Oct 2025 17:12:00 +0530


The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?

The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and velocity, a new generation of AI-powered agents is reshaping how Security Operations Centers (SOCs) detect, respond, and adapt...
More details.

Posted on Fri, 10 Oct 2025 16:30:00 +0530


175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to facilitate credential harvesting attacks as part of an unusual campaign. The packages...
More details.

Posted on Fri, 10 Oct 2025 16:15:00 +0530


From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability

Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox products. The zero-day vulnerability, tracked as CVE-2025-11371 (CVSS score: 6...
More details.

Posted on Fri, 10 Oct 2025 15:04:00 +0530


CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw

Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle's E-Business Suite (EBS) software since August 9, 2025, Google Threat Intelligence Group (GTIG) and Mandiant said in a new report released Thursday...
More details.

Posted on Fri, 10 Oct 2025 12:11:00 +0530


From HealthKick to GOVERSHELL: The Evolution of UTA0388's Espionage Malware

A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that are designed to deliver a Go-based implant known as GOVERSHELL...
More details.

Posted on Thu, 09 Oct 2025 22:49:00 +0530


New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites by impersonating popular apps like WhatsApp, Google Photos, TikTok, and YouTube as lures to install them...
More details.

Posted on Thu, 09 Oct 2025 21:00:00 +0530


Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service. "The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files could increase the risk of targeted attacks," the company said...
More details.

Posted on Thu, 09 Oct 2025 19:18:00 +0530


ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More

Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to breach targets once considered secure. From communication platforms to connected devices, every system that enhances convenience also expands the attack surface...
More details.

Posted on Thu, 09 Oct 2025 17:46:00 +0530


SaaS Breaches Start with Tokens - What Security Teams Must Watch

Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen token hygiene to prevent attacks. Most companies in 2025 rely on a whole range of software-as-a-service (SaaS) applications to run their operations...
More details.

Posted on Thu, 09 Oct 2025 17:00:00 +0530


From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine

Russian hackers' adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the first half of 2025 (H1 2025), the country's State Service for Special Communications and Information Protection (SSSCIP) said...
More details.

Posted on Thu, 09 Oct 2025 14:40:00 +0530


Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

Threat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme that makes it possible to gain unauthorized access to any account, including administrators, and take control of susceptible sites...
More details.

Posted on Thu, 09 Oct 2025 12:27:00 +0530


Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites. "Site visitors get injected content that was drive-by malware like fake Cloudflare verification," Sucuri researcher Puja Srivastava said in an analysis published last week...
More details.

Posted on Wed, 08 Oct 2025 22:13:00 +0530


Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT to targets. The...
More details.

Posted on Wed, 08 Oct 2025 19:26:00 +0530


Step Into the Password Graveyard… If You Dare (and Join the Live Session)

Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don’t need advanced tools; they just need one careless login. For IT teams, that means endless resets, compliance struggles, and sleepless nights worrying about the next credential leak...
More details.

Posted on Wed, 08 Oct 2025 17:38:00 +0530


Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.
More details.

Posted on Wed, 31 Aug 2022 12:57:48 +0000


Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
More details.

Posted on Tue, 30 Aug 2022 16:00:43 +0000


Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
More details.

Posted on Mon, 29 Aug 2022 14:56:19 +0000


Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
More details.

Posted on Fri, 26 Aug 2022 16:44:27 +0000


Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
More details.

Posted on Thu, 25 Aug 2022 18:47:15 +0000


Twitter Whistleblower Complaint: The TL;DR Version

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
More details.

Posted on Wed, 24 Aug 2022 14:17:04 +0000


Firewall Bug Under Active Attack Triggers CISA Warning

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
More details.

Posted on Tue, 23 Aug 2022 13:19:58 +0000


Fake Reservation Links Prey on Weary Travelers

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
More details.

Posted on Mon, 22 Aug 2022 13:59:06 +0000


iPhone Users Urged to Update to Patch 2 Zero-Days

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
More details.

Posted on Fri, 19 Aug 2022 15:25:56 +0000


Google Patches Chrome’s Fifth Zero-Day of the Year

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
More details.

Posted on Thu, 18 Aug 2022 14:31:38 +0000


Snowflake Data Breach: What Happened and How to Prevent It

In 2024, the cybersecurity landscape was shaken by an unexpected and widespread incident—the Snowflake data breach. Despite being a leading provider of cloud-based data warehousing solutions, Snowflake found itself at...
More details.

Posted on Tue, 05 Aug 2025 18:00:42 +0000


Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management

Cyber threats can wreak havoc on businesses, from data breaches to loss of reputation. Luckily, there are effective strategies available that can reduce cybersecurity risk. Avoidance is one of the... The post Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management appeared first on Hacker Combat ...
More details.

Posted on Fri, 13 Dec 2024 12:04:08 +0000


Zero Trust Architecture 

Zero trust security takes an “never trust, always verify” approach to access control. Access is only granted once an individual’s identity and context have been confirmed through multifactor authentication and...
More details.

Posted on Mon, 02 Dec 2024 10:43:16 +0000


What Is a Security Operations Center (SOC)?

A Security Operations Center (SOC) specializes in monitoring and analyzing data to detect cyber threats and prevent attacks from them. They work to sort actual threats from false positives before... The post What Is a Security Operations Center (SOC)? appeared first on Hacker Combat ...
More details.

Posted on Mon, 02 Dec 2024 07:51:03 +0000


XDR vs SIEM Security Information and Event Management

The Extended Detection and Response Platform (XDR) ingestion and correlation technology captures and correlates high-fidelity data across your security layers, such as endpoint, network, logs, cloud services and identities to...
More details.

Posted on Fri, 29 Nov 2024 12:53:23 +0000


Best Free EDR for Windows PC

Endpoint detection and response (EDR) tools offer businesses that employ hybrid work models or remote employees an extra layer of cybersecurity protection. Utilizing artificial intelligence (AI) and machine learning (ML),...
More details.

Posted on Fri, 29 Nov 2024 11:19:32 +0000


Free EDR Solutions for Home Users in 2025

EDR can detect and respond to emerging and advanced cyber threats quickly and efficiently, making it an essential component of modern business ecosystems. Beyond signature-based detection capabilities, its features go...
More details.

Posted on Tue, 26 Nov 2024 07:46:59 +0000


Cloud Security Essentials

Cloud security involves employing perimeter defenses like firewalls, IDPSs and VPNs as well as guaranteeing isolation through network segmentation and virtual LANs while monitoring traffic for anomalies and threats –...
More details.

Posted on Mon, 28 Oct 2024 04:57:20 +0000


Antivirus Software

Antivirus software protects devices against viruses, malware, and other cyberthreats by detecting, quarantining, and deleting malicious code. Modern antivirus products also offer additional security features such as password protection, identity...
More details.

Posted on Mon, 28 Oct 2024 02:43:18 +0000


How to Protect Against Ransomware Attacks?

Criminal hackers employ ransomware attacks against their targets by encrypting their data and demanding that a ransom be paid within an allotted timeframe or risk losing it forever. When an... The post How to Protect Against Ransomware Attacks? appeared first on Hacker Combat ...
More details.

Posted on Fri, 25 Oct 2024 03:57:42 +0000


A Note on Our Domain Update

Between The Hacks has updated its default domain name to betweenthehacks.com. Everything is still here, but a few links might need attention. Learn more about this update and let us know if you spot any issues...
More details.

Posted on Fri, 04 Apr 2025 14:46:00 +0000


Passkeys: The Beginning of the End for Passwords

Still using passwords? It might be time to move on. Passkeys are a simpler, more secure way to log in—no typing, no phishing, no stress. In this post, I break down how passkeys work, why they matter, and how you can start using them today...
More details.

Posted on Thu, 03 Apr 2025 14:41:00 +0000


I Finally Segmented My Network… by Cutting the Ethernet Cable!

After years of preaching network segmentation, I took it to the next level—by physically disconnecting everything. Scissors, copper mesh, and a rotating SSID script. What could go wrong?
More details.

Posted on Tue, 01 Apr 2025 14:36:55 +0000


Unlimited Access: Every Device on Your Network Can Talk to the Internet

Most home devices can access the entire internet—and often each other. Segmentation helps, but without visibility into what your devices are doing, you’re still exposed.
More details.

Posted on Sun, 30 Mar 2025 20:32:00 +0000


If Troy Hunt Can Fall for Phishing, So Can You

Even cybersecurity experts fall for phishing attacks. When Troy Hunt, creator of Have I Been Pwned, clicked a malicious link and entered his credentials, it was a wake-up call for all of us. In this post, we break down what happened, why today’s phishing is more convincing than ever, and what you can do to protect yourself...
More details.

Posted on Fri, 28 Mar 2025 17:34:13 +0000


AI Magic: My Blog, LinkedIn, and a 7-Minute Podcast!

So, here’s something that blew my mind: I decided to test Google’s NotebookLM AI tool. I casually uploaded the URLs for my LinkedIn page and my blog, not expecting much more than a basic summary...
More details.

Posted on Mon, 30 Sep 2024 17:01:00 +0000


How I Introduced the Cybersecurity World to a Cold War Hero

If you told me a year ago that I would meet a cold war hero at a birthday party, I wouldn’t have believed you. And I would be even more skeptical if you told me she would be an unintimidating, approachable music professor with an infectious smile...
More details.

Posted on Thu, 30 Jun 2022 00:39:31 +0000


log4shell

UPDATED December 16, 2021 If you are reading this, you likely have heard about Log4Shell, the December, 2021 critical zero-day remote-code execution vulnerability in the popular Log4j software library that is developed and maintained by the Apache Software Foundation...
More details.

Posted on Tue, 14 Dec 2021 18:56:34 +0000


Hacking Humble Bundle

Last year, Humble Bundle teamed up with the great tech publisher, No Starch Press, to offer deeply discounted hacking ebooks for as little as one dollar with the Hacking 101 By No Starch Press Humble Bundle of ebooks...
More details.

Posted on Tue, 30 Nov 2021 17:11:00 +0000


Cybersecurity Awareness Month 2021

October is Cybersecurity Awareness Month and Breast Cancer Awareness Month. Since this is a cybersecurity blog, we will focus on cybersecurity but let’s take a moment to talk about the important topic of breast cancer...
More details.

Posted on Fri, 01 Oct 2021 16:58:53 +0000


Colonial Pipeline: Lessons Learned

The Colonial Pipeline ransomware attack took down the largest fuel pipeline in the United States and resulted in consumer hoarding of fuel and a short-term shortage of gasoline on the east coast of the U...
More details.

Posted on Fri, 04 Jun 2021 21:23:00 +0000


President Biden's Cybersecurity Executive Order

Aiming to improve cybersecurity in the United States, President Biden signed an executive order (EO) on May 12, 2021. Although the EO focuses on U.S. federal departments’ and agencies’ cybersecurity, it will likely result in standards that will change the way the private sector manages cybersecurity within the United States and globally...
More details.

Posted on Fri, 28 May 2021 19:08:00 +0000


World Password Day - May 6, 2021

It’s World Password Day! Are your passwords strong enough? Do you have a long, unique password for every account? Do you use multi-factor authentication where available? If you answered, “no”...
More details.

Posted on Thu, 06 May 2021 13:30:00 +0000


Facebook Leak Leads To Smishing

I have always considered myself pretty lucky in that I rarely receive fraudulent text messages. That luck recently ran out. Over the past few weeks I have noticed an uptick in the number of SMS phishing (smishing) messages that I receive on my phone...
More details.

Posted on Mon, 05 Apr 2021 14:42:00 +0000


2021 Cybersecurity Report Roundup

Annual cybersecurity reports are a rich resource of statistics and information for cybersecurity professionals, academics, journalists and anyone who is interested in cybersecurity. Below is a categorized...
More details.

Posted on Fri, 02 Apr 2021 12:27:00 +0000


2021 Top Cybersecurity Leaders

The March 2021 issue of Security magazine, partnering with (ISC)2, featured their inaugural list of the Top Cybersecurity Leaders for 2021. As the author of this blog, I am both humbled and honored, to not only be part of the inaugural team, but also to be recognized with these accomplished cybersecurity professionals...
More details.

Posted on Sun, 07 Mar 2021 19:54:37 +0000


ILoveYou.txt.vbs

Since today is known for love, let’s look back 21 years to one of the more destructive, costly and famous viruses in history. The “ILoveYou” worm, also known as the “Love Bug” or “Love Letter For You” infected more than ten million Windows computers, beginning on May 5, 2000...
More details.

Posted on Sun, 14 Feb 2021 19:36:17 +0000


Safer Internet Day 2021

Tuesday, February 9th, 2021, marks the 18th edition of Safer Internet Day with the theme "Together for a better Internet." Safer Internet Day (SID) started as an EU SafeBorders project in 2004 and is now celebrated in approximately 170 countries worldwide...
More details.

Posted on Tue, 09 Feb 2021 16:00:00 +0000


Happy New Year!

2020 was a difficult year and Between The Hacks wants to congratulate everyone who pulled through the challenges. We have all lived through a year that delivered a global pandemic, civil unrest, and...
More details.

Posted on Thu, 31 Dec 2020 20:58:00 +0000


Merry Christmas & Happy Holidays

Merry Christmas and Happy Holidays from Between The Hacks! Whether you celebrate Christmas, Hanukkah, Kwanza or Festivus, we hope you and your family are doing well, staying healthy and surviving 20...
More details.

Posted on Fri, 25 Dec 2020 02:51:00 +0000


Safeguarding the Backbone of the Global Economy: OT/ICS Security in the Oil and Gas Industry

The oil and gas industry is an essential pillar of the global economy, enabling energy production, transportation, and storage that fuel every aspect of modern life. At the core of these operations lie Operational Technology (OT) and Industrial Control Systems (ICS), critical systems responsible for monitoring and controlling key industrial processes...
More details.

Posted on Sun, 12 Jan 2025 09:37:30 +0000


Detailed Guide to SOAR and SIEM

What Is SOAR? SOAR stands for Security Orchestration, Automation, and Response. It’s a cybersecurity tool designed to simplify and enhance the efficiency of IT teams by automating responses to various security threats...
More details.

Posted on Sun, 12 Jan 2025 09:20:49 +0000


What is a cyberattack?

What is a cyberattack? Cyberattacks aim to damage or gain control or access to important documents and systems within a business or personal computer network. Cyberattacks are distributed by individuals or organizations for political, criminal, or personal intentions to destroy or gain access to classified information...
More details.

Posted on Wed, 30 Oct 2024 04:02:41 +0000


What is SIEM ?

Security information and event management, SIEM for short, is a solution that helps organizations detect, analyze, and respond to security threats before they harm business operations. SIEM, pronounced “sim,” combines both security information management (SIM) and security event management (SEM) into one security management system...
More details.

Posted on Tue, 29 Oct 2024 08:06:47 +0000


Cyber Security Operation Center Guidelines for best practices SOC Design

Cyber Security is become most needed services for all business and industries in 2024. Every business is concerned about Cyber Security. Security operations (SecOps) leaders face a multifaceted challenge:...
More details.

Posted on Tue, 30 Jan 2024 16:32:57 +0000


HOW TO BECOME CERTIFIED LEAD IMPLEMENTER – ISO 27001

ABOUT CERTIFIED LEAD IMPLEMENTER TRAINING AND EXAMINATION FOR INFORMATION SECURITY MANAGEMENT SYSTEM ISO / IEC 27001 Learn and get certified as a professional in implementation of ISO 27001 standard through our self-paced E-learning interactive course which comprises of 4 modules...
More details.

Posted on Thu, 26 Jan 2023 11:21:59 +0000


YouTube disrupted in Pakistan as former PM Imran Khan streams speech

NetBlocks metrics confirm the disruption of YouTube on multiple internet providers in Pakistan on Sunday 21 August 2022. The disruption comes as former Prime Minister Imran Khan makes a live broadcast to the public, despite a ban issued by the Pakistan Electronic Media Regulatory Authority (PEMRA)...
More details.

Posted on Mon, 22 Aug 2022 05:04:16 +0000


Recommendations for Parents about Cyber Bullying

Here are some dedicated tips for keeping younger children safe online. One of these training tips goes into the risks of young children on the Internet, covers cyber bullying and other risky Internet behavior...
More details.

Posted on Wed, 20 Oct 2021 06:36:27 +0000


WhatsApp, Facebook, Instagram server down in Pakistan?

Facebook-owned social media platforms, WhatsApp, Facebook, and Instagram are facing a worldwide outage, according to Downdetector, which offers real-time status and outage information for all kinds of services...
More details.

Posted on Mon, 04 Oct 2021 17:32:57 +0000


Cloudflare reports record-breaking HTTP-request DDoS attack

Cloudflare reports thwarting the largest known HTTP-request distributed denial of service attack in history, approximately three times larger than any other previously reported. The attack in July reached 17...
More details.

Posted on Sun, 22 Aug 2021 19:26:02 +0000


-

What we do and what we offer.

About penetration tests and about our news.


Our certificates:

(ISC)2
CISSP
Offensive Security
OSCP
ISACA
CISA
CISM
Microsoft
PECB
LPTP
Qualys
PECB
LPTP
BSI
LPTP
BSI

Наши партнёры, ИБ и ИТ компании Киев, Украина, мир:

Qualys
IBM
Tenable
Microsoft
AWS
ENX
Ernst&Young
KPMG
PriceWater­HouseCoopers
Deloitte
Buro Veritas
Underdefense
Hacken
Infosafe
10Guards
RMRF
Softseq
AAA auditagency
Berezha Security
Protectmaster
IT спеціаліст