WAF Vulnerability in Akamai, Cloudflare, and Imperva Affected 40% of Fortune 100 Companies
A recently discovered security vulnerability dubbed "BreakingWAF" in the configuration of web application firewall (WAF) services has left numerous Fortune 1000 companies vulnerable to cyberattacks, according to Zafran, a leading cybersecurity research team.
The...
Isreali NSO Group’s Pegasus Spyware Detected in New Mobile Devices
Cybersecurity researchers from iVerify have revealed widespread new infections of the Pegasus spyware, developed by NSO Group (dubbed "Rainbow Ronin"), showing that spyware targets not only activists and journalists but also professionals and civilians.
The...
AWS Launched New Security Incident Response Service to Boost Enterprise Security
Amazon Web Services (AWS) unveiled a new service, AWS Security Incident Response, designed to help organizations manage security events efficiently.
As cyber threats become increasingly complex, this service offers a comprehensive solution to prepare...
North Korean Hacking Group Launches Undected Malwareless URL Phishing Attacks
Researchers from South Korea have discovered that the notorious North Korean hacking group, known as Kimsuky, has adapted its phishing tactics to use malwareless phishing attack tactics, which evade major EDR detection.
The group, which...
“Rockstar 2FA” Phishing-as-a-Service Steals Microsoft 365 Credentials Via AiTM Attacks
Cybersecurity researchers have identified a concerning link between the advanced phishing toolkit known as 'Rockstar 2FA' and a surge in adversary-in-the-middle (AiTM) phishing attacks.
Highly advanced methods are used in these campaigns to trick people...
InputSnatch – A Side-Channel Attack Allow Attackers Steal The Input Data From LLM Models
In a recent study, cybersecurity researchers have unveiled a new side-channel attack that threatens the privacy of users interacting with large language models (LLMs).
The attack, dubbed "InputSnatch," exploits timing differences in cache-sharing mechanisms...
Critical GPU DDK Vulnerabilities Allow Attackers to Execute Arbitrary Code in Physical Memory
A significant development for the tech community is the identification of 2 critical vulnerabilities in several versions of a widely-used GPU Driver Development Kit (DDK) that affect systems using Unified Memory Architecture (UMA).
On...
Why Cybersecurity Leaders Trust the MITRE ATT&CK Evaluations
In today’s rapidly evolving threat landscape, security leaders must make informed decisions to protect their organizations effectively.
The "MITRE Engenuity ATT&CK Evaluations: Enterprise" serve as an essential resource for cybersecurity decision-makers. These evaluations simulate...
New Stealthy GodLoader Malware Attacking Windows, macOS, Linux, Android, & iOS Devices
A newly discovered malware, dubbed GodLoader, is raising alarms in the cybersecurity community for its ability to stealthily infect devices across multiple operating systems, including Windows, macOS, Linux, Android, and iOS.
Unveiled by Check Point...
Teaching AI to Hack: Researchers Demonstrate ChatGPT’s to Ethically Hack Linux & Windows
In a new study released today, researchers have demonstrated the significant potential of artificial intelligence (AI) in enhancing ethical hacking practices, particularly in Linux environments.
The study, conducted by Haitham S. Al-Sinani from the...
Recent Posts
CyTwist Launches Advanced Security Solution to identify AI-Driven Cyber Threats in...
CyTwist, a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware.
The cybersecurity...