Michael D. Mihalo, also known as Dale Michael Mihalo Jr. and ggmccloud1, has pleaded guilty in a Missouri court to operating a darknet carding site and selling financial information belonging to thousands…
Category: English
8220 Gang Exploits Oracle Vulnerability
The notorious 8220 Gang has been identified as a low-skill crimeware group that has been exploiting a six-year-old vulnerability in Oracle WebLogic servers in order to gain unauthorized access to sensitive data,…
Manufacturing Cybersecurity: 5 Steps
Manufacturing companies are rapidly integrating their operational technology (OT) and information technology (IT) systems to speed up their digital transformation. This has helped them to increase efficiency and cut down on operational…
Lemon Group Malware: Global Threat
The Lemon Group has been conducting malicious activity through 8.9 million pre-infected Android devices around the world. The Guerilla malware has been detected in over 180 countries and 50 brands of mobile…
Low-Skill Hackers Bypass Security
Hackers of even low levels of skill are increasingly finding ways to bypass security measures such as two-factor authentication, using techniques like overlay attacks. Verimatrix CEO Asaf Ashkenazi discussed the prevalence of…
SIM Swappers Target Azure VMs
Cyber actors are using Microsoft Azure Serial Console on virtual machines (VMs) to install third-party remote management tools, according to Mandiant. The threat group, known as UNC3944, Roasted 0ktapus, and Scattered Spider,…
OilAlpha Espionage Campaign
OilAlpha, a hacking group believed to be connected to Yemen’s Houthi movement, has been found to be conducting a cyber espionage campaign targeting development, humanitarian, media, and non-governmental organizations in the Arabian…
Server-Side Request Forgery (SSRF) – VIDEO
SSRF vulnerabilities have gained attention in the cybersecurity community, leading to their inclusion in the Top 10 OWASP list. These flaws arise when web applications fail to validate user-supplied URLs while fetching…
CVE-2023-27217: Unprotected Belkin Plug
The Belkin Wemo Mini Smart Plug V2 (F7C063) has been found to contain a vulnerability, CVE-2023-27217, which can allow a malicious actor to remotely inject malicious commands. This is due to the…
Closing Cybersecurity Gap
There is an ever-increasing demand for cybersecurity professionals, with estimates suggesting a gap of over 3.5 million unfilled positions by 2025. However, the current worldwide workforce only has a 38% ‘availability of…