A security researcher known as newp1ayer48 has successfully demonstrated a method to extract firmware from IoT and embedded devices using direct Flash Memory dumps, providing valuable insights for security professionals and bug bounty hunters. The technique, while potentially risky for…
Tag: Cyber Security News
Apple iOS 18.4 Beta 3 Released – New Features, Enhancements, and What to Expect
Apple has taken another step toward the official release of iOS 18.4 by seeding the third developer beta of the update to testers late on March 10, 2025. This latest beta, identified by build number 22E5222f, arrives just one week…
10 Best IT Systems Management Tools – 2025
IT systems management tools are essential for organizations to monitor, manage, and optimize their IT infrastructure effectively. These tools provide comprehensive solutions for handling networks, servers, applications, and devices, ensuring seamless operations and improved productivity. SolarWinds stands out with its…
Penetration Testing Tool Cobalt Strike Usage by Cybercrimninals Decreased by 80%
A two-year coordinated effort by cybersecurity firms and law enforcement agencies has significantly reduced the illicit use of Cobalt Strike, a legitimate penetration testing tool frequently weaponized by ransomware operators and nation-state actors. According to Fortra, Microsoft’s Digital Crimes Unit…
Fake BianLian Ransom Claims Targeting US Firms With Physical Letters
Multiple US organizations reported receiving suspicious physical letters claiming to be from the BianLian ransomware group. These letters have been delivered via regular mail to executive team members, falsely asserting that the recipient’s corporate IT network has been compromised and…
X (Twitter) Down? Massive Outage Leads to Page Load Issues
X (formerly Twitter) experienced a global outage today, March 10, 2025, leaving many users unable to access the platform. The disruption, which affected both the app and website, sparked frustration and confusion among users worldwide. Reports of the outage began…
Moxa Industrial Ethernet Switches Vulnerability Let Attackers Gain Admin Access
A critical security flaw in Moxa’s PT series industrial Ethernet switches enables attackers to bypass authentication mechanisms and compromise device integrity. Tracked as CVE-2024-12297, this vulnerability (CVSS 4.0: 9.2) affects nine PT switch models and stems from weaknesses in the…
Laravel Framework Vulnerability Let Attackers Execute Malicious Java Script
A critical security vulnerability (CVE-2024-13918) in the Laravel framework allows attackers to execute arbitrary JavaScript code on websites running affected versions of the popular PHP framework. The flaw, discovered in Laravel’s debug-mode error page rendering, exposes applications to reflected cross-site…
Strela Stealer Malware Attacking Microsoft Outlook Users To Steal Login Credentials
Cybersecurity researchers at Trustwave have discovered a sophisticated malware campaign targeting Microsoft Outlook users to steal their login credentials. The Strela Stealer, named after the Russian word for “Arrow,” has been actively targeting systems since late 2022, with a precise…
Developer Pleads Guilty For Sabotaging Company’s Computer Systems With Malware
A federal jury convicted Davis Lu, a 55-year-old former software developer at Eaton Corp., on charges of intentionally crippling the company’s internal computer systems through malicious code designed to activate upon his termination. The verdict, delivered Friday after a six-day…