DERUUA

Latest news about information security vulnerabilities, threats, incidents and events

information security incidents

Prevention of security vulnerabilities, threats, and incidents described below is wiser and cheaper than forensic investigations and mitigation of the consequences of a cyber-attack.

You can get evidence of this fact from the news below.

Use our services to find and mitigate your security vulnerabilities before the security threat agents find them.




-
-
Critical Vulnerability in Anthropic's MCP Exposes Developer Machines to Remote Exploits

Cybersecurity researchers have discovered a critical security vulnerability in artificial intelligence (AI) company Anthropic's Model Context Protocol (MCP) Inspector project that could result in remote code execution (RCE) and allow an attacker to gain complete access to the hosts...
More details.

Posted on Tue, 01 Jul 2025 23:33:00 +0530


TA829 and UNK_GreenSec Share Tactics and Infrastructure in Ongoing Malware Campaigns

Cybersecurity researchers have flagged the tactical similarities between the threat actors behind the RomCom RAT and a cluster that has been observed delivering a loader dubbed TransferLoader. Enterprise security firm Proofpoint is tracking the activity associated with TransferLoader to a group dubbed UNK_GreenSec and the RomCom RAT actors under the moniker TA829...
More details.

Posted on Tue, 01 Jul 2025 21:56:00 +0530


New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status

A new study of integrated development environments (IDEs) like Microsoft Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor has revealed weaknesses in how they handle the extension verification process, ultimately enabling attackers to execute malicious code on developer machines...
More details.

Posted on Tue, 01 Jul 2025 19:21:00 +0530


A New Maturity Model for Browser Security: Closing the Last-Mile Risk

Despite years of investment in Zero Trust, SSE, and endpoint protection, many enterprises are still leaving one critical layer exposed: the browser. It’s where 85% of modern work now happens. It’s also where copy/paste actions, unsanctioned GenAI usage, rogue extensions, and personal devices create a risk surface that most security stacks weren’t designed to handle...
More details.

Posted on Tue, 01 Jul 2025 16:30:00 +0530


Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild. The zero-day vulnerability, tracked as CVE-2025-6554 (CVSS score: N/A), has been described as a type confusing flaw in the V8 JavaScript and WebAssembly engine...
More details.

Posted on Tue, 01 Jul 2025 14:25:00 +0530


U.S. Arrests Facilitator in North Korean IT Worker Scheme; Seizes 29 Domains and Raids 21 Laptop Farms

The U.S. Department of Justice (DoJ) on Monday announced sweeping actions targeting the North Korean information technology (IT) worker scheme, leading to the arrest of one individual and the seizure of 29 financial accounts, 21 fraudulent websites, and nearly 200 computers...
More details.

Posted on Tue, 01 Jul 2025 13:23:00 +0530


Microsoft Removes Password Management from Authenticator App Starting August 2025

Microsoft has said that it's ending support for passwords in its Authenticator app starting August 1, 2025. Microsoft’s move is part of a much larger shift away from traditional password-based logins...
More details.

Posted on Tue, 01 Jul 2025 09:51:00 +0530


U.S. Agencies Warn of Rising Iranian Cyber Attacks on Defense, OT Networks, and Critical Infrastructure

U.S. cybersecurity and intelligence agencies have issued a joint advisory warning of potential cyber attacks from Iranian state-sponsored or affiliated threat actors.  "Over the past several months, there has been increasing activity from hacktivists and Iranian government-affiliated actors, which is expected to escalate due to recent events," the agencies said...
More details.

Posted on Mon, 30 Jun 2025 21:59:00 +0530


Europol Dismantles $540 Million Cryptocurrency Fraud Network, Arrests Five Suspects

Europol on Monday announced the takedown of a cryptocurrency investment fraud ring that laundered €460 million ($540 million) from more than 5,000 victims across the world. The international effort, codenamed Operation Borrelli was carried out by the Spanish Guardia Civil, along with support from law enforcement authorities from Estonia, France, and the United States...
More details.

Posted on Mon, 30 Jun 2025 20:47:00 +0530


Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks

The threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof hosting service Proton66. Trustwave SpiderLabs, in a report published last week, said...
More details.

Posted on Mon, 30 Jun 2025 19:00:00 +0530


Leveraging Credentials As Unique Identifiers: A Pragmatic Approach To NHI Inventories 

Identity-based attacks are on the rise. Attacks in which malicious actors assume the identity of an entity to easily gain access to resources and sensitive data have been increasing in number and frequency over the last few years...
More details.

Posted on Mon, 30 Jun 2025 16:30:00 +0530


⚡ Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and more

Ever wonder what happens when attackers don’t break the rules—they just follow them better than we do? When systems work exactly as they’re built to, but that “by design” behavior quietly opens the door to risk? This week brings stories that make you stop and rethink what’s truly under control...
More details.

Posted on Mon, 30 Jun 2025 15:46:00 +0530


FBI Warns of Scattered Spider's Expanding Attacks on Airlines Using Social Engineering

The U.S. Federal Bureau of Investigation (FBI) has revealed that it has observed the notorious cybercrime group Scattered Spider broadening its targeting footprint to strike the airline sector. To that end, the agency said it's actively working with aviation and industry partners to combat the activity and help victims...
More details.

Posted on Sat, 28 Jun 2025 15:18:00 +0530


GIFTEDCROOK Malware Evolves: From Browser Stealer to Intelligence-Gathering Tool

The threat actor behind the GIFTEDCROOK malware has made significant updates to turn the malicious program from a basic browser data stealer to a potent intelligence-gathering tool. "Recent campaigns...
More details.

Posted on Sat, 28 Jun 2025 13:28:00 +0530


Facebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns

Facebook, the social network platform owned by Meta, is asking for users to upload pictures from their phones to suggest collages, recaps, and other ideas using artificial intelligence (AI), including those that have not been directly uploaded to the service...
More details.

Posted on Sat, 28 Jun 2025 12:49:00 +0530


Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign

Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign for China-nexus hacking groups...
More details.

Posted on Fri, 27 Jun 2025 21:28:00 +0530


PUBLOAD and Pubshell Malware Used in Mustang Panda's Tibet-Specific Attack

A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community. The spear-phishing attacks leveraged topics related to Tibet,...
More details.

Posted on Fri, 27 Jun 2025 18:55:00 +0530


Business Case for Agentic AI SOC Analysts

Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no longer keeping pace. Today’s security leaders are expected to reduce risk and deliver results without relying on larger teams or increased spending...
More details.

Posted on Fri, 27 Jun 2025 16:30:00 +0530


Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit

A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit. The activity has been attributed with medium confidence to a Chinese hacking group called Silver Fox (aka Void Arachne), citing similarities in tradecraft with previous campaigns attributed to the threat actor...
More details.

Posted on Fri, 27 Jun 2025 15:55:00 +0530


MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted

Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems...
More details.

Posted on Fri, 27 Jun 2025 13:13:00 +0530


OneClik Red Team Campaign Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors

Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft's ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors...
More details.

Posted on Fri, 27 Jun 2025 12:01:00 +0530


Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks

Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry ("open-vsx[.]org") that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk...
More details.

Posted on Thu, 26 Jun 2025 22:16:00 +0530


Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user...
More details.

Posted on Thu, 26 Jun 2025 18:54:00 +0530


New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks

The ClickFix social engineering tactic as an initial access vector using fake CAPTCHA verifications increased by 517% between the second half of 2024 and the first half of this year, according to data from ESET...
More details.

Posted on Thu, 26 Jun 2025 18:33:00 +0530


The Hidden Risks of SaaS: Why Built-In Protections Aren't Enough for Modern Data Resilience

SaaS Adoption is Skyrocketing, Resilience Hasn’t Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure...
More details.

Posted on Thu, 26 Jun 2025 16:30:00 +0530


Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks

An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer science professors in Israel...
More details.

Posted on Thu, 26 Jun 2025 14:15:00 +0530


Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa

Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open-source and publicly available tools to maintain access...
More details.

Posted on Thu, 26 Jun 2025 12:49:00 +0530


CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation...
More details.

Posted on Thu, 26 Jun 2025 11:32:00 +0530


WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews

Popular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread messages in chats. The feature, called Message Summaries, is currently rolling out in the English language to users in the United States, with plans to bring it to other regions and languages later this year...
More details.

Posted on Thu, 26 Jun 2025 10:06:00 +0530


nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery

New research has uncovered continued risk from a known security weakness in Microsoft's Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service (SaaS) applications...
More details.

Posted on Wed, 25 Jun 2025 22:26:00 +0530


Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-6543, carries a CVSS score of 9...
More details.

Posted on Wed, 25 Jun 2025 20:21:00 +0530


Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure

Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information under certain conditions...
More details.

Posted on Wed, 25 Jun 2025 19:07:00 +0530


Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games

Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah. Cybersecurity company Resecurity said the breach was announced on Telegram on June 22, 2025, in the form of SQL database dumps, characterizing it as an information operation "carried out by Iran and its proxies...
More details.

Posted on Wed, 25 Jun 2025 16:30:00 +0530


Beware the Hidden Risk in Your Entra Environment

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk.  A gap in access control in Microsoft Entra’s subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them...
More details.

Posted on Wed, 25 Jun 2025 16:00:00 +0530


SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks

Unknown threat actors have been distributing a trojanized version of SonicWall's SSL VPN NetExtender application to steal credentials from unsuspecting users who may have installed it. "NetExtender enables remote users to securely connect and run applications on the company network," SonicWall researcher Sravan Ganachari said...
More details.

Posted on Wed, 25 Jun 2025 14:15:00 +0530


North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages

Cybersecurity researchers have uncovered a fresh batch of malicious npm packages linked to the ongoing Contagious Interview operation originating from North Korea. According to Socket, the ongoing supply chain attack involves 35 malicious packages that were uploaded from 24 npm accounts...
More details.

Posted on Wed, 25 Jun 2025 13:42:00 +0530


Microsoft Extends Windows 10 Security Updates for One Year with New Enrollment Options

Microsoft on Tuesday announced that it's extending Windows 10 Extended Security Updates (ESU) for an extra year by letting users either pay a small fee of $30 or by sync their PC settings to the cloud...
More details.

Posted on Wed, 25 Jun 2025 10:40:00 +0530


New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public

The United States Embassy in India has announced that applicants for F, M, and J nonimmigrant visas should make their social media accounts public. The new guideline seeks to help officials verify the identity and eligibility of applicants under U...
More details.

Posted on Wed, 25 Jun 2025 00:17:00 +0530


Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue

Cybersecurity researchers have detailed two novel methods that can be used to disrupt cryptocurrency mining botnets. The methods take advantage of the design of various common mining topologies in order to shut down the mining process, Akamai said in a new report published today...
More details.

Posted on Tue, 24 Jun 2025 19:47:00 +0530


Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers

Unidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest their credentials. Positive Technologies,...
More details.

Posted on Tue, 24 Jun 2025 18:56:00 +0530


Between Buzz and Reality: The CTEM Conversation We All Need

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn’t have asked for a better kickoff panel: three cybersecurity leaders who don’t just talk security, they live it...
More details.

Posted on Tue, 24 Jun 2025 16:30:00 +0530


Hackers Exploit Misconfigured Docker APIs to Mine Cryptocurrency via Tor Network

Misconfigured Docker instances are the target of a campaign that employs the Tor anonymity network to stealthily mine cryptocurrency in susceptible environments. "Attackers are exploiting misconfigured...
More details.

Posted on Tue, 24 Jun 2025 15:27:00 +0530


U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues

The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns. The development was first reported by Axios...
More details.

Posted on Tue, 24 Jun 2025 14:46:00 +0530


APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the Russia-linked APT28 (aka UAC-0001) threat actors using Signal chat messages to deliver two previously undocumented malware families dubbedd BEARDSHELL and COVENANT...
More details.

Posted on Tue, 24 Jun 2025 14:36:00 +0530


China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the China-linked Salt Typhoon actors to breach major global telecommunications providers as part of a cyber espionage campaign...
More details.

Posted on Tue, 24 Jun 2025 08:30:00 +0530


Echo Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful Content

Cybersecurity researchers are calling attention to a new jailbreaking method called Echo Chamber that could be leveraged to trick popular large language models (LLMs) into generating undesirable responses, irrespective of the safeguards put in place...
More details.

Posted on Mon, 23 Jun 2025 21:28:00 +0530


DHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes

The United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on Iranian nuclear sites as part of the Iran–Israel war that commenced on June 13, 2025...
More details.

Posted on Mon, 23 Jun 2025 20:44:00 +0530


XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks

Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European governmental entities in March 2025. The attack chains are said to have leveraged a collection of Windows shortcut (LNK) files as part of a multi-stage procedure to deploy the malware, French cybersecurity company HarfangLab said...
More details.

Posted on Mon, 23 Jun 2025 18:42:00 +0530


How AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout

It sure is a hard time to be a SOC analyst. Every day, they are expected to solve high-consequence problems with half the data and twice the pressure. Analysts are overwhelmed—not just by threats, but by the systems and processes in place that are meant to help them respond...
More details.

Posted on Mon, 23 Jun 2025 16:55:00 +0530


Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks

Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems...
More details.

Posted on Mon, 23 Jun 2025 16:16:00 +0530


Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.
More details.

Posted on Wed, 31 Aug 2022 12:57:48 +0000


Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
More details.

Posted on Tue, 30 Aug 2022 16:00:43 +0000


Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
More details.

Posted on Mon, 29 Aug 2022 14:56:19 +0000


Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
More details.

Posted on Fri, 26 Aug 2022 16:44:27 +0000


Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
More details.

Posted on Thu, 25 Aug 2022 18:47:15 +0000


Twitter Whistleblower Complaint: The TL;DR Version

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
More details.

Posted on Wed, 24 Aug 2022 14:17:04 +0000


Firewall Bug Under Active Attack Triggers CISA Warning

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
More details.

Posted on Tue, 23 Aug 2022 13:19:58 +0000


Fake Reservation Links Prey on Weary Travelers

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
More details.

Posted on Mon, 22 Aug 2022 13:59:06 +0000


iPhone Users Urged to Update to Patch 2 Zero-Days

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
More details.

Posted on Fri, 19 Aug 2022 15:25:56 +0000


Google Patches Chrome’s Fifth Zero-Day of the Year

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
More details.

Posted on Thu, 18 Aug 2022 14:31:38 +0000


Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management

Cyber threats can wreak havoc on businesses, from data breaches to loss of reputation. Luckily, there are effective strategies available that can reduce cybersecurity risk. Avoidance is one of the... The post Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management appeared first on Hacker Combat ...
More details.

Posted on Fri, 13 Dec 2024 12:04:08 +0000


Zero Trust Architecture 

Zero trust security takes an “never trust, always verify” approach to access control. Access is only granted once an individual’s identity and context have been confirmed through multifactor authentication and...
More details.

Posted on Mon, 02 Dec 2024 10:43:16 +0000


What Is a Security Operations Center (SOC)?

A Security Operations Center (SOC) specializes in monitoring and analyzing data to detect cyber threats and prevent attacks from them. They work to sort actual threats from false positives before... The post What Is a Security Operations Center (SOC)? appeared first on Hacker Combat ...
More details.

Posted on Mon, 02 Dec 2024 07:51:03 +0000


XDR vs SIEM Security Information and Event Management

The Extended Detection and Response Platform (XDR) ingestion and correlation technology captures and correlates high-fidelity data across your security layers, such as endpoint, network, logs, cloud services and identities to...
More details.

Posted on Fri, 29 Nov 2024 12:53:23 +0000


Best Free EDR for Windows PC

Endpoint detection and response (EDR) tools offer businesses that employ hybrid work models or remote employees an extra layer of cybersecurity protection. Utilizing artificial intelligence (AI) and machine learning (ML),...
More details.

Posted on Fri, 29 Nov 2024 11:19:32 +0000


Free EDR Solutions for Home Users in 2025

EDR can detect and respond to emerging and advanced cyber threats quickly and efficiently, making it an essential component of modern business ecosystems. Beyond signature-based detection capabilities, its features go...
More details.

Posted on Tue, 26 Nov 2024 07:46:59 +0000


Cloud Security Essentials

Cloud security involves employing perimeter defenses like firewalls, IDPSs and VPNs as well as guaranteeing isolation through network segmentation and virtual LANs while monitoring traffic for anomalies and threats –...
More details.

Posted on Mon, 28 Oct 2024 04:57:20 +0000


Antivirus Software

Antivirus software protects devices against viruses, malware, and other cyberthreats by detecting, quarantining, and deleting malicious code. Modern antivirus products also offer additional security features such as password protection, identity...
More details.

Posted on Mon, 28 Oct 2024 02:43:18 +0000


How to Protect Against Ransomware Attacks?

Criminal hackers employ ransomware attacks against their targets by encrypting their data and demanding that a ransom be paid within an allotted timeframe or risk losing it forever. When an... The post How to Protect Against Ransomware Attacks? appeared first on Hacker Combat ...
More details.

Posted on Fri, 25 Oct 2024 03:57:42 +0000


Protecting Your Website From DDoS Attack

Distributed denial-of-service attacks pose an increasing threat to organizations, with even some of the largest firms suffering significant disruptions from such attacks. Attackers use botnets of compromised IoT devices to...
More details.

Posted on Thu, 10 Oct 2024 12:22:16 +0000


A Note on Our Domain Update

Between The Hacks has updated its default domain name to betweenthehacks.com. Everything is still here, but a few links might need attention. Learn more about this update and let us know if you spot any issues...
More details.

Posted on Fri, 04 Apr 2025 14:46:00 +0000


Passkeys: The Beginning of the End for Passwords

Still using passwords? It might be time to move on. Passkeys are a simpler, more secure way to log in—no typing, no phishing, no stress. In this post, I break down how passkeys work, why they matter, and how you can start using them today...
More details.

Posted on Thu, 03 Apr 2025 14:41:00 +0000


I Finally Segmented My Network… by Cutting the Ethernet Cable!

After years of preaching network segmentation, I took it to the next level—by physically disconnecting everything. Scissors, copper mesh, and a rotating SSID script. What could go wrong?
More details.

Posted on Tue, 01 Apr 2025 14:36:55 +0000


Unlimited Access: Every Device on Your Network Can Talk to the Internet

Most home devices can access the entire internet—and often each other. Segmentation helps, but without visibility into what your devices are doing, you’re still exposed.
More details.

Posted on Sun, 30 Mar 2025 20:32:00 +0000


If Troy Hunt Can Fall for Phishing, So Can You

Even cybersecurity experts fall for phishing attacks. When Troy Hunt, creator of Have I Been Pwned, clicked a malicious link and entered his credentials, it was a wake-up call for all of us. In this post, we break down what happened, why today’s phishing is more convincing than ever, and what you can do to protect yourself...
More details.

Posted on Fri, 28 Mar 2025 17:34:13 +0000


AI Magic: My Blog, LinkedIn, and a 7-Minute Podcast!

So, here’s something that blew my mind: I decided to test Google’s NotebookLM AI tool. I casually uploaded the URLs for my LinkedIn page and my blog, not expecting much more than a basic summary...
More details.

Posted on Mon, 30 Sep 2024 17:01:00 +0000


How I Introduced the Cybersecurity World to a Cold War Hero

If you told me a year ago that I would meet a cold war hero at a birthday party, I wouldn’t have believed you. And I would be even more skeptical if you told me she would be an unintimidating, approachable music professor with an infectious smile...
More details.

Posted on Thu, 30 Jun 2022 00:39:31 +0000


log4shell

UPDATED December 16, 2021 If you are reading this, you likely have heard about Log4Shell, the December, 2021 critical zero-day remote-code execution vulnerability in the popular Log4j software library that is developed and maintained by the Apache Software Foundation...
More details.

Posted on Tue, 14 Dec 2021 18:56:34 +0000


Hacking Humble Bundle

Last year, Humble Bundle teamed up with the great tech publisher, No Starch Press, to offer deeply discounted hacking ebooks for as little as one dollar with the Hacking 101 By No Starch Press Humble Bundle of ebooks...
More details.

Posted on Tue, 30 Nov 2021 17:11:00 +0000


Cybersecurity Awareness Month 2021

October is Cybersecurity Awareness Month and Breast Cancer Awareness Month. Since this is a cybersecurity blog, we will focus on cybersecurity but let’s take a moment to talk about the important topic of breast cancer...
More details.

Posted on Fri, 01 Oct 2021 16:58:53 +0000


Colonial Pipeline: Lessons Learned

The Colonial Pipeline ransomware attack took down the largest fuel pipeline in the United States and resulted in consumer hoarding of fuel and a short-term shortage of gasoline on the east coast of the U...
More details.

Posted on Fri, 04 Jun 2021 21:23:00 +0000


President Biden's Cybersecurity Executive Order

Aiming to improve cybersecurity in the United States, President Biden signed an executive order (EO) on May 12, 2021. Although the EO focuses on U.S. federal departments’ and agencies’ cybersecurity, it will likely result in standards that will change the way the private sector manages cybersecurity within the United States and globally...
More details.

Posted on Fri, 28 May 2021 19:08:00 +0000


World Password Day - May 6, 2021

It’s World Password Day! Are your passwords strong enough? Do you have a long, unique password for every account? Do you use multi-factor authentication where available? If you answered, “no”...
More details.

Posted on Thu, 06 May 2021 13:30:00 +0000


Facebook Leak Leads To Smishing

I have always considered myself pretty lucky in that I rarely receive fraudulent text messages. That luck recently ran out. Over the past few weeks I have noticed an uptick in the number of SMS phishing (smishing) messages that I receive on my phone...
More details.

Posted on Mon, 05 Apr 2021 14:42:00 +0000


2021 Cybersecurity Report Roundup

Annual cybersecurity reports are a rich resource of statistics and information for cybersecurity professionals, academics, journalists and anyone who is interested in cybersecurity. Below is a categorized...
More details.

Posted on Fri, 02 Apr 2021 12:27:00 +0000


2021 Top Cybersecurity Leaders

The March 2021 issue of Security magazine, partnering with (ISC)2, featured their inaugural list of the Top Cybersecurity Leaders for 2021. As the author of this blog, I am both humbled and honored, to not only be part of the inaugural team, but also to be recognized with these accomplished cybersecurity professionals...
More details.

Posted on Sun, 07 Mar 2021 19:54:37 +0000


ILoveYou.txt.vbs

Since today is known for love, let’s look back 21 years to one of the more destructive, costly and famous viruses in history. The “ILoveYou” worm, also known as the “Love Bug” or “Love Letter For You” infected more than ten million Windows computers, beginning on May 5, 2000...
More details.

Posted on Sun, 14 Feb 2021 19:36:17 +0000


Safer Internet Day 2021

Tuesday, February 9th, 2021, marks the 18th edition of Safer Internet Day with the theme "Together for a better Internet." Safer Internet Day (SID) started as an EU SafeBorders project in 2004 and is now celebrated in approximately 170 countries worldwide...
More details.

Posted on Tue, 09 Feb 2021 16:00:00 +0000


Happy New Year!

2020 was a difficult year and Between The Hacks wants to congratulate everyone who pulled through the challenges. We have all lived through a year that delivered a global pandemic, civil unrest, and...
More details.

Posted on Thu, 31 Dec 2020 20:58:00 +0000


Merry Christmas & Happy Holidays

Merry Christmas and Happy Holidays from Between The Hacks! Whether you celebrate Christmas, Hanukkah, Kwanza or Festivus, we hope you and your family are doing well, staying healthy and surviving 20...
More details.

Posted on Fri, 25 Dec 2020 02:51:00 +0000


Safeguarding the Backbone of the Global Economy: OT/ICS Security in the Oil and Gas Industry

The oil and gas industry is an essential pillar of the global economy, enabling energy production, transportation, and storage that fuel every aspect of modern life. At the core of these operations lie Operational Technology (OT) and Industrial Control Systems (ICS), critical systems responsible for monitoring and controlling key industrial processes...
More details.

Posted on Sun, 12 Jan 2025 09:37:30 +0000


Detailed Guide to SOAR and SIEM

What Is SOAR? SOAR stands for Security Orchestration, Automation, and Response. It’s a cybersecurity tool designed to simplify and enhance the efficiency of IT teams by automating responses to various security threats...
More details.

Posted on Sun, 12 Jan 2025 09:20:49 +0000


What is a cyberattack?

What is a cyberattack? Cyberattacks aim to damage or gain control or access to important documents and systems within a business or personal computer network. Cyberattacks are distributed by individuals or organizations for political, criminal, or personal intentions to destroy or gain access to classified information...
More details.

Posted on Wed, 30 Oct 2024 04:02:41 +0000


What is SIEM ?

Security information and event management, SIEM for short, is a solution that helps organizations detect, analyze, and respond to security threats before they harm business operations. SIEM, pronounced “sim,” combines both security information management (SIM) and security event management (SEM) into one security management system...
More details.

Posted on Tue, 29 Oct 2024 08:06:47 +0000


Cyber Security Operation Center Guidelines for best practices SOC Design

Cyber Security is become most needed services for all business and industries in 2024. Every business is concerned about Cyber Security. Security operations (SecOps) leaders face a multifaceted challenge:...
More details.

Posted on Tue, 30 Jan 2024 16:32:57 +0000


HOW TO BECOME CERTIFIED LEAD IMPLEMENTER – ISO 27001

ABOUT CERTIFIED LEAD IMPLEMENTER TRAINING AND EXAMINATION FOR INFORMATION SECURITY MANAGEMENT SYSTEM ISO / IEC 27001 Learn and get certified as a professional in implementation of ISO 27001 standard through our self-paced E-learning interactive course which comprises of 4 modules...
More details.

Posted on Thu, 26 Jan 2023 11:21:59 +0000


YouTube disrupted in Pakistan as former PM Imran Khan streams speech

NetBlocks metrics confirm the disruption of YouTube on multiple internet providers in Pakistan on Sunday 21 August 2022. The disruption comes as former Prime Minister Imran Khan makes a live broadcast to the public, despite a ban issued by the Pakistan Electronic Media Regulatory Authority (PEMRA)...
More details.

Posted on Mon, 22 Aug 2022 05:04:16 +0000


Recommendations for Parents about Cyber Bullying

Here are some dedicated tips for keeping younger children safe online. One of these training tips goes into the risks of young children on the Internet, covers cyber bullying and other risky Internet behavior...
More details.

Posted on Wed, 20 Oct 2021 06:36:27 +0000


WhatsApp, Facebook, Instagram server down in Pakistan?

Facebook-owned social media platforms, WhatsApp, Facebook, and Instagram are facing a worldwide outage, according to Downdetector, which offers real-time status and outage information for all kinds of services...
More details.

Posted on Mon, 04 Oct 2021 17:32:57 +0000


Cloudflare reports record-breaking HTTP-request DDoS attack

Cloudflare reports thwarting the largest known HTTP-request distributed denial of service attack in history, approximately three times larger than any other previously reported. The attack in July reached 17...
More details.

Posted on Sun, 22 Aug 2021 19:26:02 +0000


-

What we do and what we offer.

About penetration tests and about our news.


Our certificates:

(ISC)2
CISSP
Offensive Security
OSCP
ISACA
CISA
CISM
Microsoft
PECB
LPTP
Qualys
PECB
LPTP
BSI
LPTP
BSI

Наши партнёры, ИБ и ИТ компании Киев, Украина, мир:

Qualys
IBM
Tenable
Microsoft
AWS
ENX
Ernst&Young
KPMG
PriceWater­HouseCoopers
Deloitte
Buro Veritas
Underdefense
Hacken
Infosafe
10Guards
RMRF
Softseq
AAA auditagency
Berezha Security
Protectmaster
IT спеціаліст