Monday, February 10, 2025

Cyber Security News

Hackers Exploit AnyDesk Vulnerability to Gain Admin Access – PoC Released

0
A newly discovered vulnerability in AnyDesk, the popular remote desktop software, has sparked serious cybersecurity concerns.Identified as CVE-2024-12754 and tracked under ZDI-24-1711, this flaw...

UK Pressures Apple to Create Global Backdoor To Spy on Encrypted iCloud Access

0
United Kingdom has reportedly ordered Apple to create a backdoor allowing access to all encrypted content stored in its iCloud service.The demand, issued...
Autonomous LLMs

Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of Cybersecurity

0
Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning and automation capabilities to simulate sophisticated cyberattacks.Recent research demonstrates...
Backdoor Attacks

Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks

0
Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is transmitted by focusing on the meaning of data rather than...
IIS Servers

Cybercriminals Target IIS Servers to Spread BadIIS Malware

0
A recent wave of cyberattacks has revealed the exploitation of Microsoft Internet Information Services (IIS) servers by threat actors deploying the BadIIS malware.This...
Video Attachments

Hackers Leveraging Image & Video Attachments to Deliver Malware

0
Cybercriminals are increasingly exploiting image and video files to deliver malware, leveraging advanced techniques like steganography and social engineering.These methods allow attackers to...
Scareware

New Scareware Attack Targeting Mobile Users to Deploy Malicious Antivirus Apps

0
A new wave of scareware attacks has emerged, targeting unsuspecting mobile users with fake antivirus applications designed to exploit fear and trick victims into...
SIEM as a Service

Recent News

Multiple Flaws in Dell PowerProtect Allow System Compromise

0
Dell has released a Critical Security Update (DSA-2025-022) for its PowerProtect Data Domain (DD) systems to address multiple vulnerabilities that could allow attackers to compromise affected...
SVG Files

Weaponized SVG Files With Google Drive Links Attacking Gmail, Outlook & Dropbox Users

0
A new wave of phishing attacks is leveraging Scalable Vector Graphics (SVG) files to bypass traditional email security measures and target users of Gmail,...

Roundcube XSS Flaw Allows Attackers to Inject Malicious Files

0
A critical Cross-Site Scripting (XSS) vulnerability has been discovered in the popular open-source webmail client, Roundcube, potentially exposing users to serious security risks.Tracked as CVE-2024-57004, the...
AsyncRAT

AsyncRAT Abusing Python and TryCloudflare For Stealthy Malware Delivery

0
In a significant finding, Forcepoint's X-Labs research team has uncovered a new malware campaign that uses AsyncRAT, a notorious remote access trojan (RAT), along...

Parrot 6.3 Release, What’s New

0
The cybersecurity realm received an exciting update this week with the release of Parrot 6.3, the latest version of the Parrot Security operating system.As one...
Microsoft Azure

Hackers Exploit AWS & Microsoft Azure for Large-Scale Cyber Attacks

0
Silent Push, a cybersecurity research firm, has introduced the term "infrastructure laundering" to describe a sophisticated method used by cybercriminals to exploit legitimate cloud...
CryptoDNA

CryptoDNA: AI-Powered Cryptojacking Defense Against DDoS Threats in Healthcare IoT

0
The integration of Internet of Things (IoT) and Internet of Medical (IoM) devices has revolutionized healthcare, enabling real-time monitoring, remote diagnostics, and data-driven decision-making....
Coyote Malware

Coyote Malware Launches Stealthy Attack on Windows Systems via LNK Files

0
FortiGuard Labs has issued a high-severity alert regarding the Coyote Banking Trojan, a sophisticated malware targeting Microsoft Windows users.Over the past month, researchers...
XE Hacker Group

XE Hacker Group Exploiting Veracode 0-Day’s to Deploy Malware & Steal Credit Card Details

0
The XE Group, a sophisticated Vietnamese-origin cybercrime organization active since 2013, has escalated its operations by exploiting two zero-day vulnerabilities in VeraCore software, CVE-2024-57968...

How To Access Dark Web Anonymously and know its Secretive and Mysterious Activities

What is Deep WebThe deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by...

How to Build and Run a Security Operations Center (SOC Guide) – 2023

Today’s Cyber security operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise.This includes...

Network Penetration Testing Checklist – 2024

Network Penetration Testing checklist determines vulnerabilities in the network posture by discovering open ports, troubleshooting live systems, and services, and grabbing system banners.The pen-testing helps...

Russian Hackers Bypass EDR to Deliver a Weaponized TeamViewer Component

TeamViewer's popularity and remote access capabilities make it an attractive target for those seeking to compromise systems for their gain.Threat actors target TeamViewer for...

Web Server Penetration Testing Checklist – 2024

Web server pentesting is performed under three significant categories: identity, analysis, and reporting vulnerabilities such as authentication weaknesses, configuration errors, and protocol relationship vulnerabilities. 1.  "Conduct a...

ATM Penetration Testing – Advanced Testing Methods to Find The Vulnerabilities

ATM Penetration testing, Hackers have found different approaches to hacking into ATM machines.Programmers are not restricting themselves to physical assaults, for example, money/card...

Operating Systems Can be Detected Using Ping Command

Operating Systems can be detected using Ping Command, Ping is a computer network administration software utility, used to find the Availability of a host...

Cloud Penetration Testing Checklist – 2024

Cloud Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code.Cloud computing is...

Web Application Penetration Testing Checklist – A Detailed Cheat Sheet

Web Application Pentesting is a method of identifying, analyzing, and Report the vulnerabilities which are existing in the Web application including buffer overflow, input...

Glossary