gurushyam.mony – Page 2

gurushyam.mony
October 21, 2024
No Comments

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance

gurushyam.mony
October 21, 2024
No Comments

How Hybrid Password Attacks Work and How to Defend Against Them

gurushyam.mony
October 21, 2024
No Comments

FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation

gurushyam.mony
October 21, 2024
No Comments

GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks

gurushyam.mony
October 21, 2024
No Comments

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf

gurushyam.mony
October 21, 2024
No Comments

Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware

gurushyam.mony
October 21, 2024
No Comments

THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 – Oct 13)

gurushyam.mony
October 21, 2024
No Comments

Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems

gurushyam.mony
October 21, 2024
No Comments

5 Steps to Boost Detection and Response in a Multi-Layered Cloud

gurushyam.mony
October 21, 2024
No Comments

WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites

The Real Purpose of the UK’s Online Safety Act: An Expert Explains August 13, 2025
The introduction of the UK’s Online Safety Act has sparked a lot of conversation and confusion. Both users and businesses are still trying to make sense of what it really means and how to navigate it. Professor George Loukas, Professor of Cyber Security (Human-centric and Cyber-physical Security) at the University of Greenwich, is here to […]
Dilki Rathnayake
Empowering Citizen Developers Without Compromising Security August 13, 2025
Thanks to no-code tools, citizen application development platforms (CADPs) are ushering in a new era where business units are no longer waiting in IT backlogs for application support—they’re building their own. Employees without coding skills are creating business applications, workflow automations, and integrations with a few clicks. According to Gartner, citizen developers will contribute up […]
Yair Finzi
Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images August 13, 2025
In March last year, an insidious software supply chain compromise was revealed. The discovery of a backdoor in XZ Utils shook the cybersecurity world, thanks to its technical sophistication and for the bad actor’s methodical patience. A developer known as “Jia Tan” had spent two years earning trust in the XZ Utils project. The code […]
Kirsten Doyle
Erlang/OTP SSH Flaw Actively Exploited in OT Networks August 13, 2025
A critical flaw in Erlang’s Open Telecom Platform is under active attack. CVE-2025-32433 carries a CVSS score of 10.0 and allows remote code execution without authentication. According to Palo Alto’s Unit 42 reseachers, it affects the platform’s native SSH daemon, used to manage hosts in telecom, 5G, and industrial systems. Bad actors can send specific […]
Kirsten Doyle
Breach at Dutch Lab Exposes Data of 485,000 in Cervical Cancer Screening August 12, 2025
A breach at a Dutch laboratory has exposed the personal and medical data of more than 485,000 women in the national cervical cancer screening programme. The attack hit Clinical Diagnostics NMDL, a Eurofins subsidiary in Rijswijk. The lab tests self-sample kits and smear test samples for Bevolkingsonderzoek Nederland (Population Research Netherlands). Bad actors accessed names, […]
Kirsten Doyle
Researchers Expose GPT-5 Jailbreak That Bypasses Safety Controls August 12, 2025
Cybersecurity researchers at two companies have uncovered a jailbreak technique that bypasses ethical guardrails set up by OpenAI in its latest large language model (LLM), GPT-5, and produces illicit instructions. AI security startup SPLX, used more than 1,000 adversarial prompts in different configurations and found that the raw, unguarded GPT-5 without a system prompt will […]
Kirsten Doyle
Invitation Is All You Need: How Researchers Used a Calendar Event to Hijack Gemini Agents August 11, 2025
A Google Calendar invite. That’s all it took. Researchers from SafeBreach Labs have shown that an LLM-powered assistant like Google’s Gemini can be tricked into running malicious commands, accessing sensitive data, and even manipulating physical devices in a victim’s home, without a single click. Their work introduces a new variant of Promptware, called Targeted Promptware […]
Kirsten Doyle
Red Canary Flags Rapid Rise in Cloud-Based Attacks August 11, 2025
Red Canary has published its mid-year update to the 2025 Threat Detection Report, and the message is that threat actors are shifting tactics, and identity is the new battleground. Based on detections gathered in the first half of the year, the update shows a marked rise in cloud and identity threats, along with troubling signs […]
Kirsten Doyle
Over a Million Medical Devices Exposed Online, Revealing Private Patient Scans August 7, 2025
The healthcare industry’s digital expansion may be exposing more than it protects. How would you feel if strangers online saw your MRI scan and knew your diagnosis, maybe even before you did? That’s not a hypothetical, it’s already happening. New research from Modat shows that more than 1.2 million internet-connected healthcare devices and systems are […]
Kirsten Doyle
What Happens When Devices Cross Borders? The Role of Geofencing in Global IT August 7, 2025
Regional conflicts have triggered a significant corporate exodus, with many organizations shifting bases. This resulted in employees and their devices constantly being on the move. However, this isn’t an entirely new phenomenon. Nearly half a decade ago, the post-pandemic era had already ushered in a generation of borderless businesses and digital nomads. Globalization, economic incentives, […]
Apu Pavithran

Author: gurushyam.mony

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance

How Hybrid Password Attacks Work and How to Defend Against Them

FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation

GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf

Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware

THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 – Oct 13)

Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems

5 Steps to Boost Detection and Response in a Multi-Layered Cloud

WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites

[email protected]