Cybersecurity Articles

20/68 Wednesday, January 15, 2025 The Cybersecurity and Infrastructure Security Agency (CISA) has added new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. One of the vulnerabilities is CVE-2024-12686, an OS Command Injection vulnerability with a CVSS severity score of 6.6, found in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS). This vulnerability allows […]

19/68 Wednesday, January 15, 2025 Researchers from Trend Micro have disclosed that cyber attackers are targeting individuals searching for pirated software or cracked programs by using trusted platforms like YouTube and Google as tools for deception. The attackers create tutorial videos guiding users on how to install software, embedding download links in the video comment […]

18/68 Tuesday, January 14, 2025 The pro-Russia hacker group NoName057(16) launched Distributed Denial-of-Service (DDoS) attacks on Italian government agencies, critical infrastructure, and private organizations last week. The attacks followed Ukrainian President Volodymyr Zelensky’s visit to Rome, during which Italian Prime Minister Giorgia Meloni pledged full support for Ukraine in both defense and peace efforts. The […]

17/68 Tuesday, January 14, 2025 Cybercriminals are employing a new deception technique to bypass Apple iMessage’s anti-phishing system, which automatically disables links in messages from unknown senders, whether from email addresses or phone numbers. By tricking users into replying to the message or adding the sender to their contact list, the links become active, placing […]

16/68 Monday, January 13, 2025 Telefónica, a Spanish telecommunications giant, has confirmed that its internal ticketing system was hacked after stolen data was published on a hacking forum. The company revealed that it has blocked access to the system and is conducting a thorough investigation into the incident. Telefónica, one of Spain’s largest multinational telecommunications […]

15/68 Monday, January 13, 2025 Fortinet, a leading cybersecurity company, has issued a warning about a new phishing campaign that deceives PayPal users by using highly convincing links that appear legitimate to gain unauthorized access to user accounts. The phishing emails are meticulously crafted to mimic genuine PayPal notifications, including details such as payment information, […]

14/68 Friday, January 10, 2025 SonicWall has urged its customers to promptly upgrade the SonicOS firmware of their firewalls to mitigate an authentication bypass vulnerability identified as CVE-2024-53704, with a CVSS score of 8.2. This vulnerability affects the SSL VPN and SSH management features, posing a significant risk to users who have enabled these features. […]

13/68 Friday, January 10, 2025 Ivanti, a provider of cybersecurity solutions, has disclosed the exploitation of a zero-day vulnerability identified as CVE-2025-0282 in its Ivanti Connect Secure product. This vulnerability allows hackers to execute remote code and install malware on affected systems. CVE-2025-0282 is classified as a critical buffer overflow vulnerability with a severity score […]

12/68 Thursday, January 9, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities in Oracle WebLogic Server and Mitel MiCollab to its Known Exploited Vulnerabilities (KEV) catalog after these vulnerabilities were found to be actively exploited in real-world attacks. The Oracle WebLogic Server vulnerability, identified as CVE-2020-2883, has a CVSS score of […]

11/68 Thursday, January 9, 2025 Cybercriminals are increasingly leveraging artificial intelligence (AI) to craft sophisticated and convincing phishing emails that are difficult to detect. This has resulted in a significant rise in successful attacks. According to Egress, an email security service provider, 71% of AI-generated phishing emails can bypass email filtering and security systems, putting […]