34/68 Friday, January 24, 2025 A vulnerability has been discovered in the file management software 7-Zip, identified as CVE-2025-0411, which allows attackers to bypass the Mark of the Web (MotW) security feature in Windows. MotW is a Windows security mechanism that tags files downloaded from untrusted sources, such as the internet, to mitigate potential security […]
33/68 Friday, January 24, 2025 Cloudflare revealed on Tuesday that it successfully detected and blocked a distributed denial-of-service (DDoS) attack reaching speeds of up to 5.6 terabits per second (Tbps), marking the largest attack ever recorded. This attack occurred on October 29, 2024, targeting an Internet Service Provider (ISP) in East Asia. The assault utilized […]
32/68 Thursday, January 23, 2025 Ukraine’s Computer Emergency Response Team (CERT-UA) has issued a warning about malicious actors impersonating CERT-UA to send fake AnyDesk connection requests. These requests falsely claim to be for cybersecurity inspections. The attackers are using CERT-UA’s logo and fake AnyDesk IDs to deceive targets, employing social engineering techniques to build credibility. […]
30/68 Wednesday, January 22, 2025 Hewlett Packard Enterprise (HPE) is investigating claims made by IntelBroker, a hacker group that alleges it is selling stolen data and source code from the company. The data in question reportedly includes product source codes such as Zerto and ILO, SAP Hybris systems, digital certificates, Docker files, and legacy user […]
29/68 Wednesday, January 22, 2025 Cybersecurity researchers from CYFIRMA have uncovered new Android malware named Tanzeem and Tanzeem Update. The malware is linked to an Indian APT group known as the DoNot Team or APT-C-35, which primarily targets government organizations, military agencies, foreign ministries, and embassies in South Asian countries such as India, Pakistan, Sri […]
28/68 Tuesday, January 21, 2025 Kaspersky Reveals Over 10 Vulnerabilities in Mercedes-Benz User Experience (MBUX) System Kaspersky has disclosed details of more than 10 vulnerabilities in the Mercedes-Benz User Experience (MBUX) infotainment system. Some of these vulnerabilities could potentially be exploited for Denial of Service (DoS) attacks, data extraction, remote command execution, and privilege escalation. […]
27/68 Tuesday, January 21, 2025 A severe vulnerability has been identified in the widely-used WordPress plugin, W3 Total Cache, potentially allowing attackers to access sensitive internal service data and metadata on cloud applications. The vulnerability, designated as CVE-2024-12365, carries a CVSS severity score of 8.5. W3 Total Cache is a popular plugin for optimizing WordPress […]
26/68 Monday, January 20, 2025 The U.S. Department of the Treasury, through the Office of Foreign Assets Control (OFAC), has imposed sanctions on China’s Sichuan Juxinhe Network Technology Co., LTD. due to its involvement with the Salt Typhoon hacking group, which recently targeted several U.S. telecommunications and internet service providers. Additionally, OFAC has sanctioned Yin […]
25/68 Monday, January 20, 2025 TikTok, the globally popular social media platform, has officially announced its shutdown in the United States starting January 19, 2025, following a federal government ban citing national security concerns. In a notification to its users, TikTok stated, “We deeply regret this service disruption and sincerely thank you for your past […]
24/68 Friday, January 17, 2025 A new hacker group known as the “Belsen Group” has leaked the network configuration data, IP addresses, and VPN credentials of over 15,000 FortiGate devices on the Dark Web to promote their reputation. The leaked data, available for free, is 1.6 GB in size and includes folders containing critical configuration […]
