A sophisticated Android spyware campaign has been uncovered, disguising itself as the official application of the Chinese Prosecutor’s Office (检察院). This advanced variant of the SpyMax/SpyNote family targets Chinese-speaking users across mainland China and Hong Kong, exploiting Android Accessibility Services…
Tag: Cyber Security News
Global Zoom Outage Caused by Server Block Imposed from GoDaddy Registry
On April 16, 2025, millions of users worldwide found themselves unable to access Zoom, the widely used video conferencing platform, due to a critical outage that lasted nearly two hours. The disruption, which began at 11:25 AM PDT and was…
Linux Kernel Vulnerability Let Attackers Escalate Privilege – PoC Released
A newly discovered vulnerability, CVE-2024-53141, in the Linux kernel’s IP sets framework has exposed a critical security flaw that allows local attackers to escalate privileges and potentially gain root access. The vulnerability, assigned a CVSS score of 7.8, uncovered by…
How Security Analyst Using Memory Forensics Tools To Enhance Advanced Incident Response
Memory forensics has become an indispensable component of modern incident response strategies, enabling security teams to detect and analyze sophisticated threats that would otherwise remain hidden. Unlike traditional disk forensics, memory analysis provides insights into running processes, network connections, and…
How To Use YARA Rules To Identify Financial Sector Targeted Attacks
The financial sector faces increasingly sophisticated cyber threats, with system intrusion remaining the leading attack pattern for the third consecutive year. Advanced Persistent Threat (APT) groups specifically target financial institutions using various tools, techniques, and procedures. YARA rules provide a…
Web Server Hardening Best Practices For Organizations Across Industries
Web server hardening is a critical security process that reduces an organization’s attack surface and helps defend against ransomware, malware, and other cyberthreats. In today’s threat landscape, web servers are prime targets for attackers as they often serve as the…
U.S DOGE Allegedly Hacked – Fed Whistleblower Leaked Most Disturbing Documents
A federal whistleblower “Daniel Berulis”, A senior DevSecOps architect has allegedly sent a affidavit document of a U.S DOGE significant data breach at the National Labor Relations Board (NLRB), claiming that personnel from the Department of Government Efficiency (DOGE) accessed…
New XorDDoS Malware Allows Attackers to Create Sophisticated DDoS Bot Network
A significant evolution in distributed denial-of-service (DDoS) malware has been detected, with the latest version of XorDDoS continuing to spread globally between November 2023 and February 2025. This Linux-targeting trojan transforms compromised machines into “zombie bots” that can be coordinated…
CISA Warns of Multiple Apple 0-day Vulnerabilities Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding multiple Apple 0-day vulnerabilities currently being actively exploited in targeted attacks. These critical security flaws affect a wide range of Apple products, including iOS, iPadOS, macOS, and…
PoC Exploit Released for Erlang/OTP SSH Remote Code Execution Vulnerability
A critical remote code execution vulnerability in Erlang/OTP’s SSH implementation has security teams scrambling to patch affected systems after researchers confirmed the development of a proof-of-concept exploit. The vulnerability, tracked as CVE-2025-32433 and assigned the maximum possible CVSS score of…