Wednesday, February 12, 2025

Cyber Security News

Fortinet Zero-Day

Fortinet FortiOS & FortiProxy Zero-Day Exploited to Hijack Firewall & Gain Super Admin Access

0
Cybersecurity firm Fortinet has issued an urgent warning regarding a newly discovered zero-day authentication bypass vulnerability (CVE-2025-24472) affecting its FortiOS and FortiProxy products.This...

Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE & 3 0-Day

0
Microsoft has released its highly anticipated Patch Tuesday security updates for February 2025, addressing a wide range of vulnerabilities across its products and services.This...
Entra ID Accounts

Preventing Attackers from Permanently Deleting Entra ID Accounts with Protected Actions

0
Microsoft Entra ID has introduced a robust mechanism called protected actions to mitigate the risks associated with unauthorized hard deletions of user accounts.This...
Single-Bit Fault Injection

Beyond the Horizon: Assessing the Viability of Single-Bit Fault Injection Attacks

0
The realm of fault injection attacks has long intrigued researchers and security professionals.Among these, single-bit fault injection, a technique that seeks to manipulate...
Satellite

Satellite Weather Software Vulnerabilities Let Attackers Execute Code Remotely

0
IBL Software Engineering has disclosed a significant security vulnerability, identified as CVE-2025-1077, affecting its Visual Weather software and derivative products, including Aero Weather, Satellite...

OpenAI Developing Its Own Chip to Reduce Reliance on Nvidia

0
OpenAI, the organization behind ChatGPT and other advanced AI tools, is making significant strides in its efforts to reduce its dependency on Nvidia by...

New York Bans DeepSeek Over Potential Data Risks

0
 New York Governor Kathy Hochul announced that the state has banned the use of the China-based AI startup DeepSeek on government-issued devices and networks.The...
SIEM as a Service

Recent News

Lumma Stealer

Lumma Stealer Attacking Windows Users In India With Fake Captcha Pages

0
Cybersecurity experts are raising alarms over a new wave of attacks targeting Windows users in India, driven by the Lumma Stealer malware.This advanced...
Ghidra 11.3 Released

Ghidra 11.3 Released – A Major Update to NSA’s Open-Source Tool

0
The National Security Agency (NSA) has officially released Ghidra 11.3, the latest iteration of its open-source software reverse engineering (SRE) framework.Known for its...

Sophos Acquires Secureworks for $859 Million

0
Sophos, a global leader in next-generation cybersecurity, has announced the acquisition of Secureworks, a renowned cybersecurity pioneer, in a landmark deal worth $859 million.This...
IIS vulnerability

Hackers Exploiting a Six-year-old IIS Vulnerability to Gain Remote Access

0
In a concerning revelation, cybersecurity firm eSentire’s Threat Response Unit (TRU) has detected active exploitation of a six-year-old vulnerability, CVE-2019-18935, in Progress Telerik UI...
Application Layer

New Report of of 1M+ Malware Samples Show Application Layer Abused for Stealthy C2

0
A recent analysis of over one million malware samples by Picus Security has revealed a growing trend in the exploitation of application layer protocols...

DeepSeek Accused of Over-Collecting Personal Data, Says South Korea’s Spy Agency

0
South Korea's National Intelligence Service (NIS) has raised alarms over the Chinese artificial intelligence app, DeepSeek, accusing it of "excessively" collecting personal data from...
Android & iOS Apps

Malicious Android & iOS Apps Downloaded Over 242,000 Times, Stealing Crypto Recovery Keys

0
A sophisticated malware campaign, dubbed SparkCat, has infiltrated Google Play and Apple’s App Store, marking the first known instance of an optical character recognition...

SolarWinds Improves Web Help Desk in Latest 12.8.5 Update

0
SolarWinds announced the release of Web Help Desk (WHD) version 12.8.5, unveiling a host of new features, updates, and fixes aimed at streamlining IT...

AnyDesk Flaw Allows Admin Access Through Weaponized Windows Wallpapers

0
Cybersecurity enthusiasts and IT administrators worldwide are voicing concerns over a newly discovered vulnerability in AnyDesk that could lead to local privilege escalation (LPE).The...

How To Access Dark Web Anonymously and know its Secretive and Mysterious Activities

What is Deep WebThe deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by...

How to Build and Run a Security Operations Center (SOC Guide) – 2023

Today’s Cyber security operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise.This includes...

Network Penetration Testing Checklist – 2024

Network Penetration Testing checklist determines vulnerabilities in the network posture by discovering open ports, troubleshooting live systems, and services, and grabbing system banners.The pen-testing helps...

Russian Hackers Bypass EDR to Deliver a Weaponized TeamViewer Component

TeamViewer's popularity and remote access capabilities make it an attractive target for those seeking to compromise systems for their gain.Threat actors target TeamViewer for...

Web Server Penetration Testing Checklist – 2024

Web server pentesting is performed under three significant categories: identity, analysis, and reporting vulnerabilities such as authentication weaknesses, configuration errors, and protocol relationship vulnerabilities. 1.  "Conduct a...

ATM Penetration Testing – Advanced Testing Methods to Find The Vulnerabilities

ATM Penetration testing, Hackers have found different approaches to hacking into ATM machines.Programmers are not restricting themselves to physical assaults, for example, money/card...

Operating Systems Can be Detected Using Ping Command

Operating Systems can be detected using Ping Command, Ping is a computer network administration software utility, used to find the Availability of a host...

Cloud Penetration Testing Checklist – 2024

Cloud Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code.Cloud computing is...

Web Application Penetration Testing Checklist – A Detailed Cheat Sheet

Web Application Pentesting is a method of identifying, analyzing, and Report the vulnerabilities which are existing in the Web application including buffer overflow, input...

Glossary