cyber2security blog

Critical VMware RCE Vulnerabilities Targeted by Public Exploit Code
Security vulnerabilities in VMware's vRealize Log Insight platform…

Firmware Flaws Could Spell ‘Lights Out’ for Servers
Five vulnerabilities in the baseboard management controller (BMC)…

Detect malware before it reaches your system
Every day, billions of files are exchanged within and between…

Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software
Two more supply chain security flaws have been disclosed in AMI…

Zurich moves to the AWS cloud
By 2025, around 1,000 insurance applications are to be migrated…

Phishers Trick Microsoft Into Granting Them ‘Verified’ Cloud Partner Status
Everyone on Twitter wants a blue check mark. But Microsoft Azure's…

Hackers use new IceBreaker malware to breach gaming companies
Hackers have been targeting online gaming and gambling companies…

Legitify adds support for GitLab and GitHub Enterprise Server
We encounter security incidents on a weekly basis with prospective…

Exponential hacking of biometric authentication reveals some defenses already overwhelmed
Also, dark web tools for criminals spread
“Motion-based is…

Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover
Two security holes — one particularly gnarly — could allow…

Canadian man gets 20 years for ransomware scheme that targeted Tampa company
Sebastien Vachon-Desjardins made $21 million in bitcoin through…

Crypto scam apps infiltrate Apple App Store and Google Play
Operators of high-yielding investment scams known as "pig butchering"…

Pro-Russian DDoS attacks raise alarm in Denmark, U.S.
Distributed denial-of-service (DDoS) attacks by pro-Russian hacking…

Spain, the third country in the world with the most cyberattacks on companies
94% of companies have suffered a cybersecurity incident in the…

This company has already caught it
Ransomware, brute force, DDoS and Co: These German companies…

What is the Different Between VPN and Proxy – A Complete Guide
Both the VPN and proxy are used to facilitate the connection…

Security researchers at ESET have discovered a new data-destroying malware, dubbed SwiftSlicer, which has a very specific goal: to destroy your Active Directory domain!
Behind SwiftSlicer is the Russian hacker group Sandworm, and…

Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards
The Brazilian threat actors behind an advanced and modular point-of-sale…

Black Basta: Large ransomware gang was completely exposed
One of the most active Russian ransomware groups has been effectively…

DELETE THESE MALWARE APPS FROM YOUR ANDROID DEVICE RIGHT NOW!
A recent virus attack on Android smartphones makes it possible…

Federal Network Agency stops selling more than 15 million products
Questionable energy-saving devices and dangerous disco balls:…

Cyber attack on IT service provider Adesso: Systems compromised, data copied
Unknown attackers have compromised Adesso systems and downloaded…

Potsdam offline: City speaks of danger from Hive gang
Apparently there was an acute danger of ransomware from the Hive…

Auditing Kubernetes with Open Source SIEM and XDR
Container technology has gained traction among businesses due…

PoS malware can block contactless payments to steal credit cards
New versions of the Prilex point-of-sale malware can block secure,…

City of London traders hit by Russia-linked cyber attack
Trading in the City of London has been plunged into chaos after…

Password-stealing “vulnerability” reported in KeePass – bug or feature?
It’s been a newsworthy few weeks for password managers –…

Google Fi data breach let hackers carry out SIM swap attacks
Google Fi, Google's U.S.-only telecommunications and mobile internet…

European hospitals ‘hit by pro-Russian hackers’
Dutch cyber authorities have said that several hospital websites…

“Restrictions” with Super Bock after cyber attack
The beverage company that owns the brands Super Bock, Vitalis and Pedras is…

CFOs feel at the mercy of cyberattacks
Most CFOs don't think they can defend against a cyberattack. And…

Google Fi Users Caught Up in T-Mobile Breach
Google Fi mobile customers have been alerted that their SIM card…

Stop Passing the Buck on Cybersecurity
Despite a global multibillion-dollar cybersecurity industry,…

New DDoS-as-a-Service platform used in recent attacks on hospitals
A new DDoS-as-a-Service (DDoSaaS) platform named 'Passion' was…

British secret service MI5 has illegally stored masses of data
A British court has ruled that MI5 has had "very serious failures"…

Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility
Cybersecurity researchers have disclosed details of two security…

Windows: New malware comes straight from the Russian secret service
A malware attack on the Ukraine could be directly traced back…

New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers
At least 1,200 Redis database servers worldwide have been corralled…

Cybercrime is world’s third-largest economy thanks to booming black market
Ransomware-as-a-service and malware sold on the dark web are…

Metasploit Framework 6.3 Released
The Metasploit team is pleased to announce the release of Metasploit…

Long Con Impersonates Financial Advisers to Target Victims
Cybercriminals are co-opting the identities of legitimate US…

Another cyber attack on the website of the Bundestag
With a large-scale coordinated attack, hackers apparently wanted…

When the computer is hijacked
Caritas, Hirmer, Marc O'Polo: Companies of all kinds fall victim…

Command Injection Cheatsheet
Command injection is an attack in which the goal is execution…

‘This is bigger than ChatGPT’: Google creates ‘MusicLM,’ text-to-music AI
Google has created a new artificial intelligence (AI) system…

Cyber attacks in war: How reinsurers deal with them
Damage caused by war and terrorism is fundamentally excluded…

OneFuzz- Microsoft Open Source Fuzzing Platform
OneFuzz A Self-hosted Fuzzing-As-A-Service Platform
Project…

Titan Stealer: A New Golang-Based Information Stealer Malware Emerges
A new Golang-based information stealer malware dubbed Titan…

Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices
Researchers are warning about a spike in exploitation attempts…

Android 14 is said to make installing malware more difficult
In the upcoming Android 14, users should no longer be able to…

Most Important Android Penetration Testing Tools for Pentesters 2023
Android penetration testing tools are more often used by security…

Hackers use Microsoft OneNote attachments to spread malware
Hackers are currently using Microsoft OneNote attachments to…

Iranian and Russian hackers targeting politicians and journalists, warn UK officials
Iranian and Russian hackers are targeting British politicians…

UPDATE 1-Britain sounds alarm on Russia-based hacking group
LONDON, Jan 26 (Reuters) - A Russia-based hacking group named…

Microsoft Urges Customers to Secure On-Premises Exchange Servers
Microsoft is urging customers to keep their Exchange servers…

Critical flaw in KeePass: an attacker can export passwords in plain text!
Security researchers have discovered a critical vulnerability…

State-linked hackers in Russia and Iran are targeting UK groups, NCSC warns
Sophisticated campaigns against politicians and media aim to…

Microsoft urges admins to patch on-premises Exchange servers
Microsoft urged customers today to keep their on-premises Exchange…

Hive Ransomware Gang Loses Its Honeycomb, Thanks to DoJ
The US Department of Justice hacked into Hive's infrastructure,…

Protection against malware: State of the art
In today's digital age, businesses and organizations are constantly…