My Courses
-
Increasing municipal infrastructure hacking risk
A small-town water system, a county hospital, and a local school district may not appear to be front-line targets in global conflict, yet they are…
-
OSINT helps financial institutions combat money laundering
Open Source Intelligence (OSINT) tools play a crucial role in helping financial firms combat money laundering by revealing complex networks and ownership structures. Money launderers…
-
Commvault pre-auth exploit chain allows remote code execution
Commvault has released critical updates to address four security vulnerabilities that could be exploited for remote code execution on affected instances. The vulnerabilities, identified in…
-
ClickFix & fake CAPTCHAs facilitate CORNFLAKE.V3 deployment
Threat actors have been observed employing a deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3. Google-owned Mandiant has described…
-
QuirkyLoader distributes Agent Tesla, AsyncRAT, Snake Keylogger and other malware
Cybersecurity researchers have revealed a new malware loader named QuirkyLoader, which has been actively delivering various next-stage payloads, including information stealers and remote access trojans,…
-
DOJ charges 22-year-old accused RapperBot botmaster
A 22-year-old man from Oregon, Ethan Foltz, has been charged with allegedly developing and managing a distributed denial-of-service (DDoS)-for-hire botnet known as RapperBot. The U.S….
-
Apache ActiveMQ exploit allows DripDropper installation on Linux cloud systems
Threat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy malware known as…
-
AWS Trusted Advisor vulnerability hides public S3 buckets
AWS’s Trusted Advisor tool is designed to alert customers about the public exposure of their S3 storage buckets. However, recent findings by Fog Security researchers…
-
FBI alleges Russian APT group exploiting old Cisco vulnerability (CVE-2018-0171)
Russian state-sponsored hackers, identified as Static Tundra, have been actively exploiting a seven-year-old vulnerability in Cisco devices, specifically CVE-2018-0171. This critical flaw allows attackers to…
-
Git version 2.51: Getting ready for the future by incorporating SHA-256.
Git 2.51 has been released, continuing the ongoing effort to modernise the version control system. This update introduces several technical enhancements, with a significant focus…
