DERUUA

Latest news about information security vulnerabilities, threats, incidents and events

information security incidents

Prevention of security vulnerabilities, threats, and incidents described below is wiser and cheaper than forensic investigations and mitigation of the consequences of a cyber-attack.

You can get evidence of this fact from the news below.

Use our services to find and mitigate your security vulnerabilities before the security threat agents find them.




-
-
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now

Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions...
More details.

Posted on Tue, 18 Feb 2025 21:04:00 +0530


Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks

The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject...
More details.

Posted on Tue, 18 Feb 2025 20:39:00 +0530


New FrigidStealer Malware Targets macOS Users via Fake Browser Updates

Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented threat actor known as TA2727, with the information stealers for other platforms such as Windows (Lumma Stealer or DeerStealer) and Android (Marcher)...
More details.

Posted on Tue, 18 Feb 2025 18:30:00 +0530


Debunking the AI Hype: Inside Real Hacker Tactics

Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible, real-world dangers? According to Picus Labs’ Red Report 2025 which analyzed over one million malware samples, there's been no significant surge, so far, in AI-driven attacks...
More details.

Posted on Tue, 18 Feb 2025 17:50:00 +0530


Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication

Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices...
More details.

Posted on Tue, 18 Feb 2025 17:48:00 +0530


Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign

The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024...
More details.

Posted on Tue, 18 Feb 2025 15:22:00 +0530


New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials

Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via Lightweight Directory Access Protocol (LDAP) and SMB/FTP services...
More details.

Posted on Tue, 18 Feb 2025 12:34:00 +0530


Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers

Cybersecurity researchers have flagged a credit card stealing malware campaign that has been observed targeting e-commerce sites running Magento by disguising the malicious content within image tags in HTML code in order to stay under the radar...
More details.

Posted on Tue, 18 Feb 2025 10:56:00 +0530


Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics

Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. "Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies," the Microsoft Threat Intelligence team said in a post shared on X...
More details.

Posted on Mon, 17 Feb 2025 22:00:00 +0530


South Korea Suspends DeepSeek AI Downloads Over Privacy Violations

South Korea has formally suspended new downloads of Chinese artificial intelligence (AI) chatbot DeepSeek in the country until the service makes changes to its mobile apps to comply with data protection regulations...
More details.

Posted on Mon, 17 Feb 2025 17:06:00 +0530


CISO's Expert Guide To CTEM And Why It Matters

Cyber threats evolve—has your defense strategy kept up? A new free guide available here explains why Continuous Threat Exposure Management (CTEM) is the smart approach for proactive cybersecurity...
More details.

Posted on Mon, 17 Feb 2025 16:30:00 +0530


⚡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More

Welcome to this week’s Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything from device code phishing to cloud exploits, breaking down the technical details into simple, easy-to-follow insights...
More details.

Posted on Mon, 17 Feb 2025 14:49:00 +0530


New Golang-Based Backdoor Uses Telegram Bot API for Evasive C2 Operations

Cybersecurity researchers have shed light on a new Golang-based backdoor that uses Telegram as a mechanism for command-and-control (C2) communications. Netskope Threat Labs, which detailed the functions of the malware, described it as possibly of Russian origin...
More details.

Posted on Mon, 17 Feb 2025 14:34:00 +0530


Android's New Feature Blocks Fraudsters from Sideloading Apps During Calls

Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress. Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granting accessibility access...
More details.

Posted on Sat, 15 Feb 2025 15:56:00 +0530


New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution

Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account...
More details.

Posted on Sat, 15 Feb 2025 00:12:00 +0530


Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks

The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers. The active...
More details.

Posted on Fri, 14 Feb 2025 23:58:00 +0530


AI-Powered Social Engineering: Ancillary Tools and Techniques

Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. In a recent communication, the FBI pointed out: ‘As technology continues to evolve, so do cybercriminals' tactics...
More details.

Posted on Fri, 14 Feb 2025 16:30:00 +0530


Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts

Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to a new set of cyber attacks aimed at a variety of sectors since August 2024. The attacks have...
More details.

Posted on Fri, 14 Feb 2025 15:57:00 +0530


RansomHub Becomes 2024’s Top Ransomware Group, Hitting 600+ Organizations Globally

The threat actors behind the RansomHub ransomware-as-a-service (RaaS) scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain unauthorized access to a victim network's domain controller as part of their post-compromise strategy...
More details.

Posted on Fri, 14 Feb 2025 15:47:00 +0530


PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7...
More details.

Posted on Fri, 14 Feb 2025 10:33:00 +0530


Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners

A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit financial fraud...
More details.

Posted on Thu, 13 Feb 2025 20:43:00 +0530


North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks

A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors. The attack campaign, dubbed DEEP#DRIVE...
More details.

Posted on Thu, 13 Feb 2025 19:56:00 +0530


Fast Deployments, Secure Code: Watch this Learn to Sync Dev and Sec Teams

Ever felt like your team is stuck in a constant battle? Developers rush to add new features, while security folks worry about vulnerabilities. What if you could bring both sides together without sacrificing one for the other? We invite you to our upcoming webinar, "Opening the Fast Lane for Secure Deployments...
More details.

Posted on Thu, 13 Feb 2025 17:55:00 +0530


RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset

An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, raising the possibility that the threat actor may be moonlighting as a ransomware player in an individual capacity...
More details.

Posted on Thu, 13 Feb 2025 17:28:00 +0530


AI and Security - A New Puzzle to Figure Out

AI is everywhere now, transforming how businesses operate and how users engage with apps, devices, and services. A lot of applications now have some Artificial Intelligence inside, whether supporting a chat interface, intelligently analyzing data or matching user preferences...
More details.

Posted on Thu, 13 Feb 2025 16:30:00 +0530


Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software

Palo Alto Networks has addressed a high-severity security flaw in its PAN-OS software that could result in an authentication bypass. The vulnerability, tracked as CVE-2025-0108, carries a CVSS score of 7...
More details.

Posted on Thu, 13 Feb 2025 15:09:00 +0530


FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux

Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected in November 2024, has been attributed by Elastic Security Labs to a threat cluster it tracks as REF7707...
More details.

Posted on Thu, 13 Feb 2025 14:41:00 +0530


Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries

A subgroup within the infamous Russian state-sponsored hacking group known as Sandworm has been attributed to a multi-year initial access operation dubbed BadPilot that stretched across the globe. "This...
More details.

Posted on Wed, 12 Feb 2025 22:32:00 +0530


Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability

Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container's isolation protections and gain complete access to the underlying host...
More details.

Posted on Wed, 12 Feb 2025 19:34:00 +0530


How to Steer AI Adoption: A CISO Guide

CISOs are finding themselves more involved in AI teams, often leading the cross-functional effort and AI strategy. But there aren’t many resources to guide them on what their role should look like or what they should bring to these meetings...
More details.

Posted on Wed, 12 Feb 2025 16:50:00 +0530


North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack

The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to paste and run malicious code provided by them...
More details.

Posted on Wed, 12 Feb 2025 16:13:00 +0530


Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation

Microsoft on Tuesday released fixes for 63 security flaws impacting its software products, including two vulnerabilities that it said has come under active exploitation in the wild. Of the 63 vulnerabilities, three are rated Critical, 57 are rated Important, one is rated Moderate, and two are rated Low in severity...
More details.

Posted on Wed, 12 Feb 2025 15:08:00 +0530


Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now

Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution...
More details.

Posted on Wed, 12 Feb 2025 11:27:00 +0530


Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification

Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. "Android provides many on-device protections that safeguard...
More details.

Posted on Tue, 11 Feb 2025 20:43:00 +0530


4 Ways to Keep MFA From Becoming too Much of a Good Thing

Multi-factor authentication (MFA) has quickly become the standard for securing business accounts. Once a niche security measure, adoption is on the rise across industries. But while it’s undeniably effective at keeping bad actors out, the implementation of MFA solutions can be a tangled mess of competing designs and ideas...
More details.

Posted on Tue, 11 Feb 2025 19:00:00 +0530


Progress Software Patches High-Severity LoadMaster Flaws Affecting Multiple Versions

Progress Software has addressed multiple high-severity security flaws in its LoadMaster software that could be exploited by malicious actors to execute arbitrary system commands or download any file from the system...
More details.

Posted on Tue, 11 Feb 2025 17:22:00 +0530


Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks

Gcore’s latest DDoS Radar report analyzes attack data from Q3–Q4 2024, revealing a 56% YoY rise in the total number of DDoS attacks with the largest attack peaking at a record 2 Tbps. The financial services sector saw the most dramatic increase, with a 117% rise in attacks, while gaming remained the most-targeted industry...
More details.

Posted on Tue, 11 Feb 2025 16:55:00 +0530


Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update

Apple on Monday released out-of-band security updates to address a security flaw in iOS and iPadOS that it said has been exploited in the wild. Assigned the CVE identifier CVE-2025-24200 (CVSS score: 4...
More details.

Posted on Tue, 11 Feb 2025 16:46:00 +0530


Protecting Your Software Supply Chain: Assessing the Risks Before Deployment

Imagine you're considering a new car for your family. Before making a purchase, you evaluate its safety ratings, fuel efficiency, and reliability. You might even take it for a test drive to ensure it meets your needs...
More details.

Posted on Tue, 11 Feb 2025 15:37:00 +0530


Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks

Threat actors have observed the increasingly common ClickFix technique to deliver a remote access trojan named NetSupport RAT since early January 2025. NetSupport RAT, typically propagated via bogus websites...
More details.

Posted on Tue, 11 Feb 2025 15:25:00 +0530


FBI, Europol, and NCA Take Down 8Base Ransomware Data Leak and Negotiation Sites

Source: The Nation A coordinated law enforcement operation has taken down the dark web data leak and negotiation sites associated with the 8Base ransomware gang. Visitors to the data leak site are now...
More details.

Posted on Tue, 11 Feb 2025 12:33:00 +0530


Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores

Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites. Website security company Sucuri said the code, while...
More details.

Posted on Mon, 10 Feb 2025 20:46:00 +0530


⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February]

In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket—each one seems minor until it becomes the entry point for an attack...
More details.

Posted on Mon, 10 Feb 2025 17:43:00 +0530


Don't Overlook These 6 Critical Okta Security Configurations

Given Okta's role as a critical part of identity infrastructure, strengthening Okta security is essential. This article covers six key Okta security settings that provide a strong starting point, along with recommendations for implementing continuous monitoring of your Okta security posture...
More details.

Posted on Mon, 10 Feb 2025 16:30:00 +0530


DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects

Threat actors have been observed targeting Internet Information Services (IIS) servers in Asia as part of a search engine optimization (SEO) manipulation campaign designed to install BadIIS malware. "It...
More details.

Posted on Mon, 10 Feb 2025 15:14:00 +0530


Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities

Zimbra has released software updates to address critical security flaws in its Collaboration software that, if successfully exploited, could result in information disclosure under certain conditions. The vulnerability, tracked as CVE-2025-25064, carries a CVSS score of 9...
More details.

Posted on Mon, 10 Feb 2025 14:39:00 +0530


XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells

Threat actors have been observed exploiting multiple security flaws in various software products, including Progress Telerik UI for ASP.NET AJAX and Advantive VeraCore, to drop reverse shells and web shells, and maintain persistent remote access to compromised systems...
More details.

Posted on Mon, 10 Feb 2025 10:44:00 +0530


Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection

Cybersecurity researchers have uncovered two malicious machine learning (ML) models on Hugging Face that leveraged an unusual technique of "broken" pickle files to evade detection. "The pickle files extracted from the mentioned PyTorch archives revealed the malicious Python content at the beginning of the file," ReversingLabs researcher Karlo Zanki said in a report shared with The Hacker News...
More details.

Posted on Sat, 08 Feb 2025 11:47:00 +0530


DeepSeek App Transmits Sensitive User and Device Data Without Encryption

A new audit of DeepSeek's mobile app for the Apple iOS operating system has found glaring security issues, the foremost being that it sends sensitive data over the internet sans any encryption, exposing it to interception and manipulation attacks...
More details.

Posted on Fri, 07 Feb 2025 20:28:00 +0530


CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild...
More details.

Posted on Fri, 07 Feb 2025 18:22:00 +0530


Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.
More details.

Posted on Wed, 31 Aug 2022 12:57:48 +0000


Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
More details.

Posted on Tue, 30 Aug 2022 16:00:43 +0000


Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
More details.

Posted on Mon, 29 Aug 2022 14:56:19 +0000


Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
More details.

Posted on Fri, 26 Aug 2022 16:44:27 +0000


Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
More details.

Posted on Thu, 25 Aug 2022 18:47:15 +0000


Twitter Whistleblower Complaint: The TL;DR Version

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
More details.

Posted on Wed, 24 Aug 2022 14:17:04 +0000


Firewall Bug Under Active Attack Triggers CISA Warning

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
More details.

Posted on Tue, 23 Aug 2022 13:19:58 +0000


Fake Reservation Links Prey on Weary Travelers

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
More details.

Posted on Mon, 22 Aug 2022 13:59:06 +0000


iPhone Users Urged to Update to Patch 2 Zero-Days

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
More details.

Posted on Fri, 19 Aug 2022 15:25:56 +0000


Google Patches Chrome’s Fifth Zero-Day of the Year

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
More details.

Posted on Thu, 18 Aug 2022 14:31:38 +0000


Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management

Cyber threats can wreak havoc on businesses, from data breaches to loss of reputation. Luckily, there are effective strategies available that can reduce cybersecurity risk. Avoidance is one of the... The post Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management appeared first on Hacker Combat ...
More details.

Posted on Fri, 13 Dec 2024 12:04:08 +0000


Zero Trust Architecture 

Zero trust security takes an “never trust, always verify” approach to access control. Access is only granted once an individual’s identity and context have been confirmed through multifactor authentication and...
More details.

Posted on Mon, 02 Dec 2024 10:43:16 +0000


What Is a Security Operations Center (SOC)?

A Security Operations Center (SOC) specializes in monitoring and analyzing data to detect cyber threats and prevent attacks from them. They work to sort actual threats from false positives before... The post What Is a Security Operations Center (SOC)? appeared first on Hacker Combat ...
More details.

Posted on Mon, 02 Dec 2024 07:51:03 +0000


XDR vs SIEM Security Information and Event Management

The Extended Detection and Response Platform (XDR) ingestion and correlation technology captures and correlates high-fidelity data across your security layers, such as endpoint, network, logs, cloud services and identities to...
More details.

Posted on Fri, 29 Nov 2024 12:53:23 +0000


Best Free EDR for Windows PC

Endpoint detection and response (EDR) tools offer businesses that employ hybrid work models or remote employees an extra layer of cybersecurity protection. Utilizing artificial intelligence (AI) and machine learning (ML),...
More details.

Posted on Fri, 29 Nov 2024 11:19:32 +0000


Free EDR Solutions for Home Users in 2025

EDR can detect and respond to emerging and advanced cyber threats quickly and efficiently, making it an essential component of modern business ecosystems. Beyond signature-based detection capabilities, its features go...
More details.

Posted on Tue, 26 Nov 2024 07:46:59 +0000


Cloud Security Essentials

Cloud security involves employing perimeter defenses like firewalls, IDPSs and VPNs as well as guaranteeing isolation through network segmentation and virtual LANs while monitoring traffic for anomalies and threats –...
More details.

Posted on Mon, 28 Oct 2024 04:57:20 +0000


Antivirus Software

Antivirus software protects devices against viruses, malware, and other cyberthreats by detecting, quarantining, and deleting malicious code. Modern antivirus products also offer additional security features such as password protection, identity...
More details.

Posted on Mon, 28 Oct 2024 02:43:18 +0000


How to Protect Against Ransomware Attacks?

Criminal hackers employ ransomware attacks against their targets by encrypting their data and demanding that a ransom be paid within an allotted timeframe or risk losing it forever. When an... The post How to Protect Against Ransomware Attacks? appeared first on Hacker Combat ...
More details.

Posted on Fri, 25 Oct 2024 03:57:42 +0000


Protecting Your Website From DDoS Attack

Distributed denial-of-service attacks pose an increasing threat to organizations, with even some of the largest firms suffering significant disruptions from such attacks. Attackers use botnets of compromised IoT devices to...
More details.

Posted on Thu, 10 Oct 2024 12:22:16 +0000


AI Magic: My Blog, LinkedIn, and a 7-Minute Podcast!

So, here’s something that blew my mind: I decided to test Google’s NotebookLM AI tool. I casually uploaded the URLs for my LinkedIn page and my blog, not expecting much more than a basic summary...
More details.

Posted on Mon, 30 Sep 2024 17:01:00 +0000


How I Introduced the Cybersecurity World to a Cold War Hero

If you told me a year ago that I would meet a cold war hero at a birthday party, I wouldn’t have believed you. And I would be even more skeptical if you told me she would be an unintimidating, approachable music professor with an infectious smile...
More details.

Posted on Thu, 30 Jun 2022 00:39:31 +0000


log4shell

UPDATED December 16, 2021 If you are reading this, you likely have heard about Log4Shell, the December, 2021 critical zero-day remote-code execution vulnerability in the popular Log4j software library that is developed and maintained by the Apache Software Foundation...
More details.

Posted on Tue, 14 Dec 2021 18:56:34 +0000


Hacking Humble Bundle

Last year, Humble Bundle teamed up with the great tech publisher, No Starch Press, to offer deeply discounted hacking ebooks for as little as one dollar with the Hacking 101 By No Starch Press Humble Bundle of ebooks...
More details.

Posted on Tue, 30 Nov 2021 17:11:00 +0000


Cybersecurity Awareness Month 2021

October is Cybersecurity Awareness Month and Breast Cancer Awareness Month. Since this is a cybersecurity blog, we will focus on cybersecurity but let’s take a moment to talk about the important topic of breast cancer...
More details.

Posted on Fri, 01 Oct 2021 16:58:53 +0000


Colonial Pipeline: Lessons Learned

The Colonial Pipeline ransomware attack took down the largest fuel pipeline in the United States and resulted in consumer hoarding of fuel and a short-term shortage of gasoline on the east coast of the U...
More details.

Posted on Fri, 04 Jun 2021 21:23:00 +0000


President Biden's Cybersecurity Executive Order

Aiming to improve cybersecurity in the United States, President Biden signed an executive order (EO) on May 12, 2021. Although the EO focuses on U.S. federal departments’ and agencies’ cybersecurity, it will likely result in standards that will change the way the private sector manages cybersecurity within the United States and globally...
More details.

Posted on Fri, 28 May 2021 19:08:00 +0000


World Password Day - May 6, 2021

It’s World Password Day! Are your passwords strong enough? Do you have a long, unique password for every account? Do you use multi-factor authentication where available? If you answered, “no”...
More details.

Posted on Thu, 06 May 2021 13:30:00 +0000


Facebook Leak Leads To Smishing

I have always considered myself pretty lucky in that I rarely receive fraudulent text messages. That luck recently ran out. Over the past few weeks I have noticed an uptick in the number of SMS phishing (smishing) messages that I receive on my phone...
More details.

Posted on Mon, 05 Apr 2021 14:42:00 +0000


2021 Cybersecurity Report Roundup

Annual cybersecurity reports are a rich resource of statistics and information for cybersecurity professionals, academics, journalists and anyone who is interested in cybersecurity. Below is a categorized...
More details.

Posted on Fri, 02 Apr 2021 12:27:00 +0000


2021 Top Cybersecurity Leaders

The March 2021 issue of Security magazine, partnering with (ISC)2, featured their inaugural list of the Top Cybersecurity Leaders for 2021. As the author of this blog, I am both humbled and honored, to not only be part of the inaugural team, but also to be recognized with these accomplished cybersecurity professionals...
More details.

Posted on Sun, 07 Mar 2021 19:54:37 +0000


ILoveYou.txt.vbs

Since today is known for love, let’s look back 21 years to one of the more destructive, costly and famous viruses in history. The “ILoveYou” worm, also known as the “Love Bug” or “Love Letter For You” infected more than ten million Windows computers, beginning on May 5, 2000...
More details.

Posted on Sun, 14 Feb 2021 19:36:17 +0000


Safer Internet Day 2021

Tuesday, February 9th, 2021, marks the 18th edition of Safer Internet Day with the theme "Together for a better Internet." Safer Internet Day (SID) started as an EU SafeBorders project in 2004 and is now celebrated in approximately 170 countries worldwide...
More details.

Posted on Tue, 09 Feb 2021 16:00:00 +0000


Happy New Year!

2020 was a difficult year and Between The Hacks wants to congratulate everyone who pulled through the challenges. We have all lived through a year that delivered a global pandemic, civil unrest, and...
More details.

Posted on Thu, 31 Dec 2020 20:58:00 +0000


Merry Christmas & Happy Holidays

Merry Christmas and Happy Holidays from Between The Hacks! Whether you celebrate Christmas, Hanukkah, Kwanza or Festivus, we hope you and your family are doing well, staying healthy and surviving 20...
More details.

Posted on Fri, 25 Dec 2020 02:51:00 +0000


BTH News 20December2020

This week on Between The Hacks: The SolarWinds hack explained in plain English, D-Link router vulnerabilities, Google explains their global outage, 28 malware-infected browser extensions and cybercrime book for the security enthusiast on your gift list...
More details.

Posted on Sun, 20 Dec 2020 15:20:00 +0000


SolarWinds Hack: The Basics

By now you have probably heard about the SolarWinds supply-chain compromise that has impacted government and businesses all over the world. This story is still unfolding so I won’t try to explain everything in detail, rather, I’ll attempt to explain the situation for the less-technical reader and link to some resources so that you can follow the story...
More details.

Posted on Tue, 15 Dec 2020 16:35:12 +0000


BTH News 13December2020

This week on Between The Hacks: A dental data breach, the U.S. IoT Security Law, a 2020 Microsoft vulnerability report, the final sunset of Adobe Flash, Rebooting by Lisa Forte and the Smashing Security Christmas party...
More details.

Posted on Sun, 13 Dec 2020 21:30:00 +0000


The U.S. IoT Cybersecurity Improvement Act Becomes Law

An important step toward securing the Internet was achieved on December 4, 2020, when President Trump signed an IoT security bill into law. The Internet of Things Cybersecurity Improvement Act of 2020 has been in the works since 2017 and was passed by the U...
More details.

Posted on Wed, 09 Dec 2020 17:53:34 +0000


HACKING 101 Humble Bundle

Now that Black Friday and Cyber Monday are over, you may still be searching for some great deals. If so, you’ll hardly find a better deal than this one. Humble Bundle has teamed up with the great tech publisher, No Starch Press, to offer deeply discounted hacking e-books for as little as one dollar...
More details.

Posted on Tue, 01 Dec 2020 14:57:33 +0000


Safeguarding the Backbone of the Global Economy: OT/ICS Security in the Oil and Gas Industry

The oil and gas industry is an essential pillar of the global economy, enabling energy production, transportation, and storage that fuel every aspect of modern life. At the core of these operations lie Operational Technology (OT) and Industrial Control Systems (ICS), critical systems responsible for monitoring and controlling key industrial processes...
More details.

Posted on Sun, 12 Jan 2025 09:37:30 +0000


Detailed Guide to SOAR and SIEM

What Is SOAR? SOAR stands for Security Orchestration, Automation, and Response. It’s a cybersecurity tool designed to simplify and enhance the efficiency of IT teams by automating responses to various security threats...
More details.

Posted on Sun, 12 Jan 2025 09:20:49 +0000


What is a cyberattack?

What is a cyberattack? Cyberattacks aim to damage or gain control or access to important documents and systems within a business or personal computer network. Cyberattacks are distributed by individuals or organizations for political, criminal, or personal intentions to destroy or gain access to classified information...
More details.

Posted on Wed, 30 Oct 2024 04:02:41 +0000


What is SIEM ?

Security information and event management, SIEM for short, is a solution that helps organizations detect, analyze, and respond to security threats before they harm business operations. SIEM, pronounced “sim,” combines both security information management (SIM) and security event management (SEM) into one security management system...
More details.

Posted on Tue, 29 Oct 2024 08:06:47 +0000


Cyber Security Operation Center Guidelines for best practices SOC Design

Cyber Security is become most needed services for all business and industries in 2024. Every business is concerned about Cyber Security. Security operations (SecOps) leaders face a multifaceted challenge:...
More details.

Posted on Tue, 30 Jan 2024 16:32:57 +0000


HOW TO BECOME CERTIFIED LEAD IMPLEMENTER – ISO 27001

ABOUT CERTIFIED LEAD IMPLEMENTER TRAINING AND EXAMINATION FOR INFORMATION SECURITY MANAGEMENT SYSTEM ISO / IEC 27001 Learn and get certified as a professional in implementation of ISO 27001 standard through our self-paced E-learning interactive course which comprises of 4 modules...
More details.

Posted on Thu, 26 Jan 2023 11:21:59 +0000


YouTube disrupted in Pakistan as former PM Imran Khan streams speech

NetBlocks metrics confirm the disruption of YouTube on multiple internet providers in Pakistan on Sunday 21 August 2022. The disruption comes as former Prime Minister Imran Khan makes a live broadcast to the public, despite a ban issued by the Pakistan Electronic Media Regulatory Authority (PEMRA)...
More details.

Posted on Mon, 22 Aug 2022 05:04:16 +0000


Recommendations for Parents about Cyber Bullying

Here are some dedicated tips for keeping younger children safe online. One of these training tips goes into the risks of young children on the Internet, covers cyber bullying and other risky Internet behavior...
More details.

Posted on Wed, 20 Oct 2021 06:36:27 +0000


WhatsApp, Facebook, Instagram server down in Pakistan?

Facebook-owned social media platforms, WhatsApp, Facebook, and Instagram are facing a worldwide outage, according to Downdetector, which offers real-time status and outage information for all kinds of services...
More details.

Posted on Mon, 04 Oct 2021 17:32:57 +0000


Cloudflare reports record-breaking HTTP-request DDoS attack

Cloudflare reports thwarting the largest known HTTP-request distributed denial of service attack in history, approximately three times larger than any other previously reported. The attack in July reached 17...
More details.

Posted on Sun, 22 Aug 2021 19:26:02 +0000


-

What we do and what we offer.

About penetration tests and about our news.


Our certificates:

(ISC)2
CISSP
Offensive Security
OSCP
ISACA
CISA
CISM
Microsoft
PECB
LPTP
Qualys
PECB
LPTP
BSI
LPTP
BSI