WAF Vulnerability in Akamai, Cloudflare, and Imperva Affected 40% of Fortune 100 Companies
A recently discovered security vulnerability dubbed "BreakingWAF" in the configuration of web application firewall (WAF) services has left numerous Fortune 1000 companies vulnerable to cyberattacks, according to Zafran, a leading cybersecurity research team.
The...
Teaching AI to Hack: Researchers Demonstrate ChatGPT’s to Ethically Hack Linux & Windows
In a new study released today, researchers have demonstrated the significant potential of artificial intelligence (AI) in enhancing ethical hacking practices, particularly in Linux environments.
The study, conducted by Haitham S. Al-Sinani from the...
Why Cybersecurity Leaders Trust the MITRE ATT&CK Evaluations
In today’s rapidly evolving threat landscape, security leaders must make informed decisions to protect their organizations effectively.
The "MITRE Engenuity ATT&CK Evaluations: Enterprise" serve as an essential resource for cybersecurity decision-makers. These evaluations simulate...
XT Exchange Hacked, $1.7 Million Stolen in Cryptocurrency, Withdrawal Halted
A major cryptocurrency exchange, XT.com, suspended all withdrawals on November 28, 2024, following a suspected hack that resulted in the theft of approximately $1.7 million worth of digital assets.
The Dubai-based exchange, which boasts a...
Critical GPU DDK Vulnerabilities Allow Attackers to Execute Arbitrary Code in Physical Memory
A significant development for the tech community is the identification of 2 critical vulnerabilities in several versions of a widely-used GPU Driver Development Kit (DDK) that affect systems using Unified Memory Architecture (UMA).
On...
“Rockstar 2FA” Phishing-as-a-Service Steals Microsoft 365 Credentials Via AiTM Attacks
Cybersecurity researchers have identified a concerning link between the advanced phishing toolkit known as 'Rockstar 2FA' and a surge in adversary-in-the-middle (AiTM) phishing attacks.
Highly advanced methods are used in these campaigns to trick people...
North Korean Hacking Group Launches Undected Malwareless URL Phishing Attacks
Researchers from South Korea have discovered that the notorious North Korean hacking group, known as Kimsuky, has adapted its phishing tactics to use malwareless phishing attack tactics, which evade major EDR detection.
The group, which...
Hackers Leverage Red Team Tools in RDP Attacks Via TOR & VPN for Data...
In a striking display of cyber sophistication, the advanced persistent threat (APT) group Earth Koshchei, also tracked as APT29 or Midnight Blizzard, has been linked to a massive rogue Remote Desktop Protocol (RDP) campaign.
Earth...
Criminals Abuse Microsoft Dynamics 365 to Steal User Credentials
Phishing attacks continue to evolve, leveraging legitimate platforms and services to deceive unsuspecting victims. One such tactic, highlighted by recent research from ANY.RUN, involves the abuse of Microsoft Dynamics 365.
Let’s unpack how cybercriminals exploit...
WhatsApp Wins NSO Pegasus Spyware Hacking Case After 5-Year Legal Battle
After five years of contentious litigation, Meta Platforms Inc., the parent company of WhatsApp, emerged victorious in its lawsuit against NSO Group, the controversial Israeli firm behind the Pegasus spyware.
The landmark decision, handed...
Recent Posts
CyTwist Launches Advanced Security Solution to identify AI-Driven Cyber Threats in...
CyTwist, a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware.
The cybersecurity...