DERUUA

Latest news about information security vulnerabilities, threats, incidents and events

information security incidents

Prevention of security vulnerabilities, threats, and incidents described below is wiser and cheaper than forensic investigations and mitigation of the consequences of a cyber-attack.

You can get evidence of this fact from the news below.

Use our services to find and mitigate your security vulnerabilities before the security threat agents find them.




-
-
Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique

The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vector. "The ClickFix technique is particularly risky because it allows the malware to execute in memory rather than being written to disk," Expel said in a report shared with The Hacker News...
More details.

Posted on Fri, 23 May 2025 22:54:00 +0530


ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices

Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 countries and turned them into a honeypot-like network...
More details.

Posted on Fri, 23 May 2025 18:19:00 +0530


300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide

As part of the latest "season" of Operation Endgame, a coalition of law enforcement agencies have taken down about 300 servers worldwide, neutralized 650 domains, and issued arrest warrants against 20 targets...
More details.

Posted on Fri, 23 May 2025 16:15:00 +0530


SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection

From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has never been greater. SafeLine is currently the most starred open-source Web Application Firewall (WAF) on GitHub, with over 16...
More details.

Posted on Fri, 23 May 2025 16:00:00 +0530


U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation

The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a Russia-based cybercrime organization...
More details.

Posted on Fri, 23 May 2025 12:33:00 +0530


CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment...
More details.

Posted on Fri, 23 May 2025 10:46:00 +0530


GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts

Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites...
More details.

Posted on Fri, 23 May 2025 10:04:00 +0530


Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks

A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell. "UAT-6382...
More details.

Posted on Thu, 22 May 2025 20:36:00 +0530


Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise

A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in Active Directory (AD). "The attack exploits the delegated Managed...
More details.

Posted on Thu, 22 May 2025 18:05:00 +0530


Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks

A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region...
More details.

Posted on Thu, 22 May 2025 17:37:00 +0530


Webinar: Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program

It’s not enough to be secure. In today’s legal climate, you need to prove it. Whether you’re protecting a small company or managing compliance across a global enterprise, one thing is clear: cybersecurity can no longer be left to guesswork, vague frameworks, or best-effort intentions...
More details.

Posted on Thu, 22 May 2025 16:55:00 +0530


Identity Security Has an Automation Problem—And It's Bigger Than You Think

For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not systems—to function...
More details.

Posted on Thu, 22 May 2025 16:41:00 +0530


Critical Versa Concerto Flaws Let Attackers Escape Docker and Compromise Hosts

Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform that could be exploited to take control of susceptible instances...
More details.

Posted on Thu, 22 May 2025 16:36:00 +0530


FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections

A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma (aka LummaC or LummaC2), seizing 2,300 domains that acted as the command-and-control (C2) backbone to commandeer infected Windows systems...
More details.

Posted on Thu, 22 May 2025 13:54:00 +0530


Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics

Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity has been assessed to be orchestrated by APT28 (aka BlueDelta, Fancy Bear, or Forest Blizzard), which is linked to the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center, Military Unit 26165...
More details.

Posted on Wed, 21 May 2025 23:36:00 +0530


PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms

Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky. "The campaign aimed at Russian business began back in March 2023, but in the first third of 2025 the number of attacks quadrupled compared to the same period in 2024," the cybersecurity vendor said...
More details.

Posted on Wed, 21 May 2025 18:40:00 +0530


Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims

Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites masquerading as Kling AI with the goal of tricking victims into downloading malware...
More details.

Posted on Wed, 21 May 2025 17:45:00 +0530


Securing CI/CD workflows with Wazuh

Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments. CI/CD pipelines are fundamental in modern software development, ensuring code is consistently tested, built, and deployed quickly and efficiently...
More details.

Posted on Wed, 21 May 2025 16:55:00 +0530


How to Detect Phishing Attacks Faster: Tycoon2FA Example

It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and give attackers the access they need. Left undetected, these threats can lead to credential theft, unauthorized access, and even full-scale breaches...
More details.

Posted on Wed, 21 May 2025 16:00:00 +0530


Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps

Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a Chinese adult-content Progressive Web App (PWA) scam...
More details.

Posted on Wed, 21 May 2025 14:31:00 +0530


Google Chrome's Built-in Manager Lets Users Update Breached Passwords with One Click

Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user's password when it detects the credentials to be compromised. "When Chrome detects a compromised password during sign in, Google Password Manager prompts the user with an option to fix it automatically," Google's Ashima Arora, Chirag Desai, and Eiji Kitamura said...
More details.

Posted on Wed, 21 May 2025 12:41:00 +0530


Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery

A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints, by leveraging misconfigurations in the Domain Name System (DNS) records...
More details.

Posted on Tue, 20 May 2025 21:23:00 +0530


100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads

An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code...
More details.

Posted on Tue, 20 May 2025 20:31:00 +0530


AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation

Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts...
More details.

Posted on Tue, 20 May 2025 18:12:00 +0530


The Crowded Battle: Key Insights from the 2025 State of Pentesting Report

In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyber risks they have to handle...
More details.

Posted on Tue, 20 May 2025 16:30:00 +0530


South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware

High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder. "The attackers used spear...
More details.

Posted on Tue, 20 May 2025 16:27:00 +0530


Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization

Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake...
More details.

Posted on Tue, 20 May 2025 15:02:00 +0530


Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse

Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that's targeting publicly accessible Redis servers. The malicious activity has been codenamed RedisRaider by Datadog Security Labs...
More details.

Posted on Tue, 20 May 2025 13:55:00 +0530


Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs...
More details.

Posted on Tue, 20 May 2025 11:19:00 +0530


RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. "Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience," the company said in a statement posted on its website...
More details.

Posted on Mon, 19 May 2025 21:18:00 +0530


Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access

Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts. "Skitnet has been sold on underground forums like RAMP since April 2024," Swiss cybersecurity company PRODAFT told The Hacker News...
More details.

Posted on Mon, 19 May 2025 20:08:00 +0530


Why CTEM is the Winning Bet for CISOs in 2025

Continuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer a theoretical framework, CTEM now anchors today’s cybersecurity programs by continuously aligning security efforts with real-world risk...
More details.

Posted on Mon, 19 May 2025 16:30:00 +0530


Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards

Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or achieve code execution. The vulnerabilities,...
More details.

Posted on Mon, 19 May 2025 16:07:00 +0530


⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More

Cybersecurity leaders aren’t just dealing with attacks—they’re also protecting trust, keeping systems running, and maintaining their organization’s reputation. This week’s developments highlight a bigger issue: as we rely more on digital tools, hidden weaknesses can quietly grow...
More details.

Posted on Mon, 19 May 2025 15:30:00 +0530


[Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications

Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan code in isolation, react late to cloud threats, and monitor SOC alerts only after damage is done...
More details.

Posted on Sat, 17 May 2025 09:37:00 +0530


New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors

Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational institutions in China...
More details.

Posted on Fri, 16 May 2025 17:07:00 +0530


Top 10 Best Practices for Effective Data Protection

Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and proactive to safeguard their most valuable assets...
More details.

Posted on Fri, 16 May 2025 16:00:00 +0530


Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks

Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years...
More details.

Posted on Fri, 16 May 2025 14:38:00 +0530


Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks

Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. "Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents," Qualys security researcher Akshay Thorve said in a technical report...
More details.

Posted on Fri, 16 May 2025 13:26:00 +0530


Noyb Threatens Meta with Lawsuit for Violating GDPR to Train AI on E.U. User Data From May 27

Austrian privacy non-profit noyb (none of your business) has sent Meta's Irish headquarters a cease-and-desist letter, threatening the company with a class action lawsuit if it proceeds with its plans to train users' data for training its artificial intelligence (AI) models without an explicit opt-in...
More details.

Posted on Thu, 15 May 2025 22:15:00 +0530


Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails

Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of its customers. "Criminals targeted our customer support agents overseas," the company said in a statement...
More details.

Posted on Thu, 15 May 2025 19:58:00 +0530


Pen Testing for Compliance Only? It's Time to Change Your Approach

Imagine this: Your organization completed its annual penetration test in January, earning high marks for security compliance. In February, your development team deployed a routine software update. By April, attackers had already exploited a vulnerability introduced in that February update, gaining access to customer data weeks before being finally detected...
More details.

Posted on Thu, 15 May 2025 16:55:00 +0530


New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

Google on Wednesday released updates to address four security issues in its Chrome web browser, including one for which it said there exists an exploit in the wild. The high-severity vulnerability, tracked as CVE-2025-4664 (CVSS score: 4...
More details.

Posted on Thu, 15 May 2025 16:13:00 +0530


5 BCDR Essentials for Effective Ransomware Defense

Ransomware has evolved into a deceptive, highly coordinated and dangerously sophisticated threat capable of crippling organizations of any size. Cybercriminals now exploit even legitimate IT tools to infiltrate networks and launch ransomware attacks...
More details.

Posted on Thu, 15 May 2025 16:00:00 +0530


Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET...
More details.

Posted on Thu, 15 May 2025 15:35:00 +0530


Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper

Cybersecurity researchers have discovered a malicious package named "os-info-checker-es6" that disguises itself as an operating system information utility to stealthily drop a next-stage payload onto compromised systems...
More details.

Posted on Thu, 15 May 2025 15:30:00 +0530


Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit

Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-4632 (CVSS score: 9...
More details.

Posted on Wed, 14 May 2025 23:27:00 +0530


BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan

At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver tracked as CVE-2025-31324, indicating that multiple threat actors are taking advantage of the bug...
More details.

Posted on Wed, 14 May 2025 23:20:00 +0530


Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering

A Chinese-language, Telegram-based marketplace called Xinbi Guarantee has facilitated no less than $8.4 billion in transactions since 2022, making it the second major black market to be exposed after HuiOne Guarantee...
More details.

Posted on Wed, 14 May 2025 20:57:00 +0530


CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users

A new global phishing threat called "Meta Mirage" has been uncovered, targeting businesses using Meta's Business Suite. This campaign specifically aims at hijacking high-value accounts, including those managing advertising and official brand pages...
More details.

Posted on Wed, 14 May 2025 19:35:00 +0530


Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.
More details.

Posted on Wed, 31 Aug 2022 12:57:48 +0000


Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
More details.

Posted on Tue, 30 Aug 2022 16:00:43 +0000


Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
More details.

Posted on Mon, 29 Aug 2022 14:56:19 +0000


Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
More details.

Posted on Fri, 26 Aug 2022 16:44:27 +0000


Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
More details.

Posted on Thu, 25 Aug 2022 18:47:15 +0000


Twitter Whistleblower Complaint: The TL;DR Version

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
More details.

Posted on Wed, 24 Aug 2022 14:17:04 +0000


Firewall Bug Under Active Attack Triggers CISA Warning

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
More details.

Posted on Tue, 23 Aug 2022 13:19:58 +0000


Fake Reservation Links Prey on Weary Travelers

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
More details.

Posted on Mon, 22 Aug 2022 13:59:06 +0000


iPhone Users Urged to Update to Patch 2 Zero-Days

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
More details.

Posted on Fri, 19 Aug 2022 15:25:56 +0000


Google Patches Chrome’s Fifth Zero-Day of the Year

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
More details.

Posted on Thu, 18 Aug 2022 14:31:38 +0000


Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management

Cyber threats can wreak havoc on businesses, from data breaches to loss of reputation. Luckily, there are effective strategies available that can reduce cybersecurity risk. Avoidance is one of the... The post Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management appeared first on Hacker Combat ...
More details.

Posted on Fri, 13 Dec 2024 12:04:08 +0000


Zero Trust Architecture 

Zero trust security takes an “never trust, always verify” approach to access control. Access is only granted once an individual’s identity and context have been confirmed through multifactor authentication and...
More details.

Posted on Mon, 02 Dec 2024 10:43:16 +0000


What Is a Security Operations Center (SOC)?

A Security Operations Center (SOC) specializes in monitoring and analyzing data to detect cyber threats and prevent attacks from them. They work to sort actual threats from false positives before... The post What Is a Security Operations Center (SOC)? appeared first on Hacker Combat ...
More details.

Posted on Mon, 02 Dec 2024 07:51:03 +0000


XDR vs SIEM Security Information and Event Management

The Extended Detection and Response Platform (XDR) ingestion and correlation technology captures and correlates high-fidelity data across your security layers, such as endpoint, network, logs, cloud services and identities to...
More details.

Posted on Fri, 29 Nov 2024 12:53:23 +0000


Best Free EDR for Windows PC

Endpoint detection and response (EDR) tools offer businesses that employ hybrid work models or remote employees an extra layer of cybersecurity protection. Utilizing artificial intelligence (AI) and machine learning (ML),...
More details.

Posted on Fri, 29 Nov 2024 11:19:32 +0000


Free EDR Solutions for Home Users in 2025

EDR can detect and respond to emerging and advanced cyber threats quickly and efficiently, making it an essential component of modern business ecosystems. Beyond signature-based detection capabilities, its features go...
More details.

Posted on Tue, 26 Nov 2024 07:46:59 +0000


Cloud Security Essentials

Cloud security involves employing perimeter defenses like firewalls, IDPSs and VPNs as well as guaranteeing isolation through network segmentation and virtual LANs while monitoring traffic for anomalies and threats –...
More details.

Posted on Mon, 28 Oct 2024 04:57:20 +0000


Antivirus Software

Antivirus software protects devices against viruses, malware, and other cyberthreats by detecting, quarantining, and deleting malicious code. Modern antivirus products also offer additional security features such as password protection, identity...
More details.

Posted on Mon, 28 Oct 2024 02:43:18 +0000


How to Protect Against Ransomware Attacks?

Criminal hackers employ ransomware attacks against their targets by encrypting their data and demanding that a ransom be paid within an allotted timeframe or risk losing it forever. When an... The post How to Protect Against Ransomware Attacks? appeared first on Hacker Combat ...
More details.

Posted on Fri, 25 Oct 2024 03:57:42 +0000


Protecting Your Website From DDoS Attack

Distributed denial-of-service attacks pose an increasing threat to organizations, with even some of the largest firms suffering significant disruptions from such attacks. Attackers use botnets of compromised IoT devices to...
More details.

Posted on Thu, 10 Oct 2024 12:22:16 +0000


A Note on Our Domain Update

Between The Hacks has updated its default domain name to betweenthehacks.com. Everything is still here, but a few links might need attention. Learn more about this update and let us know if you spot any issues...
More details.

Posted on Fri, 04 Apr 2025 14:46:00 +0000


Passkeys: The Beginning of the End for Passwords

Still using passwords? It might be time to move on. Passkeys are a simpler, more secure way to log in—no typing, no phishing, no stress. In this post, I break down how passkeys work, why they matter, and how you can start using them today...
More details.

Posted on Thu, 03 Apr 2025 14:41:00 +0000


I Finally Segmented My Network… by Cutting the Ethernet Cable!

After years of preaching network segmentation, I took it to the next level—by physically disconnecting everything. Scissors, copper mesh, and a rotating SSID script. What could go wrong?
More details.

Posted on Tue, 01 Apr 2025 14:36:55 +0000


Unlimited Access: Every Device on Your Network Can Talk to the Internet

Most home devices can access the entire internet—and often each other. Segmentation helps, but without visibility into what your devices are doing, you’re still exposed.
More details.

Posted on Sun, 30 Mar 2025 20:32:00 +0000


If Troy Hunt Can Fall for Phishing, So Can You

Even cybersecurity experts fall for phishing attacks. When Troy Hunt, creator of Have I Been Pwned, clicked a malicious link and entered his credentials, it was a wake-up call for all of us. In this post, we break down what happened, why today’s phishing is more convincing than ever, and what you can do to protect yourself...
More details.

Posted on Fri, 28 Mar 2025 17:34:13 +0000


AI Magic: My Blog, LinkedIn, and a 7-Minute Podcast!

So, here’s something that blew my mind: I decided to test Google’s NotebookLM AI tool. I casually uploaded the URLs for my LinkedIn page and my blog, not expecting much more than a basic summary...
More details.

Posted on Mon, 30 Sep 2024 17:01:00 +0000


How I Introduced the Cybersecurity World to a Cold War Hero

If you told me a year ago that I would meet a cold war hero at a birthday party, I wouldn’t have believed you. And I would be even more skeptical if you told me she would be an unintimidating, approachable music professor with an infectious smile...
More details.

Posted on Thu, 30 Jun 2022 00:39:31 +0000


log4shell

UPDATED December 16, 2021 If you are reading this, you likely have heard about Log4Shell, the December, 2021 critical zero-day remote-code execution vulnerability in the popular Log4j software library that is developed and maintained by the Apache Software Foundation...
More details.

Posted on Tue, 14 Dec 2021 18:56:34 +0000


Hacking Humble Bundle

Last year, Humble Bundle teamed up with the great tech publisher, No Starch Press, to offer deeply discounted hacking ebooks for as little as one dollar with the Hacking 101 By No Starch Press Humble Bundle of ebooks...
More details.

Posted on Tue, 30 Nov 2021 17:11:00 +0000


Cybersecurity Awareness Month 2021

October is Cybersecurity Awareness Month and Breast Cancer Awareness Month. Since this is a cybersecurity blog, we will focus on cybersecurity but let’s take a moment to talk about the important topic of breast cancer...
More details.

Posted on Fri, 01 Oct 2021 16:58:53 +0000


Colonial Pipeline: Lessons Learned

The Colonial Pipeline ransomware attack took down the largest fuel pipeline in the United States and resulted in consumer hoarding of fuel and a short-term shortage of gasoline on the east coast of the U...
More details.

Posted on Fri, 04 Jun 2021 21:23:00 +0000


President Biden's Cybersecurity Executive Order

Aiming to improve cybersecurity in the United States, President Biden signed an executive order (EO) on May 12, 2021. Although the EO focuses on U.S. federal departments’ and agencies’ cybersecurity, it will likely result in standards that will change the way the private sector manages cybersecurity within the United States and globally...
More details.

Posted on Fri, 28 May 2021 19:08:00 +0000


World Password Day - May 6, 2021

It’s World Password Day! Are your passwords strong enough? Do you have a long, unique password for every account? Do you use multi-factor authentication where available? If you answered, “no”...
More details.

Posted on Thu, 06 May 2021 13:30:00 +0000


Facebook Leak Leads To Smishing

I have always considered myself pretty lucky in that I rarely receive fraudulent text messages. That luck recently ran out. Over the past few weeks I have noticed an uptick in the number of SMS phishing (smishing) messages that I receive on my phone...
More details.

Posted on Mon, 05 Apr 2021 14:42:00 +0000


2021 Cybersecurity Report Roundup

Annual cybersecurity reports are a rich resource of statistics and information for cybersecurity professionals, academics, journalists and anyone who is interested in cybersecurity. Below is a categorized...
More details.

Posted on Fri, 02 Apr 2021 12:27:00 +0000


2021 Top Cybersecurity Leaders

The March 2021 issue of Security magazine, partnering with (ISC)2, featured their inaugural list of the Top Cybersecurity Leaders for 2021. As the author of this blog, I am both humbled and honored, to not only be part of the inaugural team, but also to be recognized with these accomplished cybersecurity professionals...
More details.

Posted on Sun, 07 Mar 2021 19:54:37 +0000


ILoveYou.txt.vbs

Since today is known for love, let’s look back 21 years to one of the more destructive, costly and famous viruses in history. The “ILoveYou” worm, also known as the “Love Bug” or “Love Letter For You” infected more than ten million Windows computers, beginning on May 5, 2000...
More details.

Posted on Sun, 14 Feb 2021 19:36:17 +0000


Safer Internet Day 2021

Tuesday, February 9th, 2021, marks the 18th edition of Safer Internet Day with the theme "Together for a better Internet." Safer Internet Day (SID) started as an EU SafeBorders project in 2004 and is now celebrated in approximately 170 countries worldwide...
More details.

Posted on Tue, 09 Feb 2021 16:00:00 +0000


Happy New Year!

2020 was a difficult year and Between The Hacks wants to congratulate everyone who pulled through the challenges. We have all lived through a year that delivered a global pandemic, civil unrest, and...
More details.

Posted on Thu, 31 Dec 2020 20:58:00 +0000


Merry Christmas & Happy Holidays

Merry Christmas and Happy Holidays from Between The Hacks! Whether you celebrate Christmas, Hanukkah, Kwanza or Festivus, we hope you and your family are doing well, staying healthy and surviving 20...
More details.

Posted on Fri, 25 Dec 2020 02:51:00 +0000


Safeguarding the Backbone of the Global Economy: OT/ICS Security in the Oil and Gas Industry

The oil and gas industry is an essential pillar of the global economy, enabling energy production, transportation, and storage that fuel every aspect of modern life. At the core of these operations lie Operational Technology (OT) and Industrial Control Systems (ICS), critical systems responsible for monitoring and controlling key industrial processes...
More details.

Posted on Sun, 12 Jan 2025 09:37:30 +0000


Detailed Guide to SOAR and SIEM

What Is SOAR? SOAR stands for Security Orchestration, Automation, and Response. It’s a cybersecurity tool designed to simplify and enhance the efficiency of IT teams by automating responses to various security threats...
More details.

Posted on Sun, 12 Jan 2025 09:20:49 +0000


What is a cyberattack?

What is a cyberattack? Cyberattacks aim to damage or gain control or access to important documents and systems within a business or personal computer network. Cyberattacks are distributed by individuals or organizations for political, criminal, or personal intentions to destroy or gain access to classified information...
More details.

Posted on Wed, 30 Oct 2024 04:02:41 +0000


What is SIEM ?

Security information and event management, SIEM for short, is a solution that helps organizations detect, analyze, and respond to security threats before they harm business operations. SIEM, pronounced “sim,” combines both security information management (SIM) and security event management (SEM) into one security management system...
More details.

Posted on Tue, 29 Oct 2024 08:06:47 +0000


Cyber Security Operation Center Guidelines for best practices SOC Design

Cyber Security is become most needed services for all business and industries in 2024. Every business is concerned about Cyber Security. Security operations (SecOps) leaders face a multifaceted challenge:...
More details.

Posted on Tue, 30 Jan 2024 16:32:57 +0000


HOW TO BECOME CERTIFIED LEAD IMPLEMENTER – ISO 27001

ABOUT CERTIFIED LEAD IMPLEMENTER TRAINING AND EXAMINATION FOR INFORMATION SECURITY MANAGEMENT SYSTEM ISO / IEC 27001 Learn and get certified as a professional in implementation of ISO 27001 standard through our self-paced E-learning interactive course which comprises of 4 modules...
More details.

Posted on Thu, 26 Jan 2023 11:21:59 +0000


YouTube disrupted in Pakistan as former PM Imran Khan streams speech

NetBlocks metrics confirm the disruption of YouTube on multiple internet providers in Pakistan on Sunday 21 August 2022. The disruption comes as former Prime Minister Imran Khan makes a live broadcast to the public, despite a ban issued by the Pakistan Electronic Media Regulatory Authority (PEMRA)...
More details.

Posted on Mon, 22 Aug 2022 05:04:16 +0000


Recommendations for Parents about Cyber Bullying

Here are some dedicated tips for keeping younger children safe online. One of these training tips goes into the risks of young children on the Internet, covers cyber bullying and other risky Internet behavior...
More details.

Posted on Wed, 20 Oct 2021 06:36:27 +0000


WhatsApp, Facebook, Instagram server down in Pakistan?

Facebook-owned social media platforms, WhatsApp, Facebook, and Instagram are facing a worldwide outage, according to Downdetector, which offers real-time status and outage information for all kinds of services...
More details.

Posted on Mon, 04 Oct 2021 17:32:57 +0000


Cloudflare reports record-breaking HTTP-request DDoS attack

Cloudflare reports thwarting the largest known HTTP-request distributed denial of service attack in history, approximately three times larger than any other previously reported. The attack in July reached 17...
More details.

Posted on Sun, 22 Aug 2021 19:26:02 +0000


-

What we do and what we offer.

About penetration tests and about our news.


Our certificates:

(ISC)2
CISSP
Offensive Security
OSCP
ISACA
CISA
CISM
Microsoft
PECB
LPTP
Qualys
PECB
LPTP
BSI
LPTP
BSI