Stay informed with Security World Trend Now! Discover the latest security trends, technologies, and strategies to protect your data, networks, and digital identity. Get expert insights and practical advice for ensuring your online safety. Explore now!
Identity & Access Navigating the Digital Frontier in Cybersecurity Awareness Month 2023 Introduction October 2023 marks the 20th anniversary of Cybersecurity Awareness Month, a crucial initiative aimed at empowering individuals with knowledge to stay safe and secure online. This year’s campaign theme, “20 Years of Cybersecurity Awareness Month,” reflects on the evolution of security education…
Thousands of Popular Websites Leaking Secrets Raises Concerns About Application Security In a concerning discovery, code security firm Truffle Security has found that thousands of popular websites, including those listed in Alexa’s top 1 million websites, are leaking their secrets. These leaks include sensitive information such as .git directories and credentials, posing a significant risk…
Vulnerabilities AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure AtlasVPN, a popular VPN service, is working on a patch for an IP leak vulnerability that was recently publicly disclosed by a researcher. The researcher, who wishes to remain anonymous, decided to make the details of the vulnerability public after attempts to responsibly disclose the…
Cloud Security: Dangling DNS Used to Hijack Subdomains of Major Organizations Dangerous Vulnerability In a recent report, Vienna-based IT security consulting firm Certitude Consulting disclosed that researchers were able to abuse dangling DNS records to hijack subdomains belonging to several major organizations, exposing vulnerabilities in their internet security infrastructure. The researchers targeted subdomains belonging to…
UN Warns of Widespread Online Scams in Southeast Asia The Issue at Hand The United Nations Office of the High Commissioner for Human Rights has released a report highlighting the alarming rise of online scam operations in Southeast Asia. Criminal gangs are exploiting hundreds of thousands of vulnerable individuals, forcing them into carrying out unlawful…
Cyberwarfare: North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw The Attack The Lazarus Group, a North Korea-linked advanced persistent threat (APT) actor, has recently been observed exploiting a vulnerability in Zoho ManageEngine to compromise an internet backbone infrastructure provider in Europe. The attack occurred shortly after proof-of-concept exploit code targeting the ManageEngine flaw…
The Evolving Threat of Credential Phishing In today’s interconnected world, where businesses rely heavily on digital platforms and online operations, the threat of cybercrime is more prevalent than ever before. One of the most significant and pervasive dangers is credential phishing, a sophisticated hacking technique that aims to steal sensitive information such as usernames, passwords,…
Hudson Rock Research Team Uncovers Alarming Cybersecurity Findings Introduction The Hudson Rock research team, renowned for its expertise in cybersecurity, has recently made a disconcerting discovery while running an extensive information-stealer campaign. Through their investigation, they have managed to collect a wealth of data, ranging from credentials and autofill information to system specifics. Surprisingly, this…
Attackers Targeting Abandoned and Barely Maintained Websites for Phishing Introduction According to a study by cybersecurity firm Kaspersky, attackers are increasingly targeting abandoned and poorly maintained websites to host phishing pages. The study found that phishers often focus on WordPress sites due to the high number of vulnerabilities in the widely used content management system…
Report: The Persistent Threat of the Shellshock Vulnerability The Persistent Threat of the Shellshock Vulnerability Since its disclosure in 2014, the Shellshock vulnerability, also known as the Bash bug or CVE-2014-6271, continues to be a prevalent target for attackers, especially in financial services applications. Despite its age, this vulnerability remains popular due to its simplicity…