Aggregator

Latest version of the CAF focusses on clarification and consistency between areas of the CAF.

The NCSC now uses 'allow list' and 'deny list' in place of 'whitelist' and 'blacklist'. Emma W explains why...

Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage the threat from phishing.

ThinkCyber's CEO Tim Ward reflects on the challenges that startups face when developing innovative products.

A sophisticated malware campaign targeting mobile users in South Korea has been uncovered, with clear links to North Korean threat actors. The malicious application, masquerading as a “Document Viewing Authentication App” (문서열람 인증 앱). This malicious app was identified through VirusTotal on January 21, 2025, and has been actively stealing sensitive information from compromised devices. […]

The post Beware of North Korean Hackers DocSwap Malware Disguised As Security Document Viewer appeared first on Cyber Security News.

Mozilla has issued an urgent warning to all Firefox users, emphasizing the need to update their browsers before a critical root certificate expires on March 14, 2025. This certificate is used to verify signed content and add-ons across various Mozilla projects, including Firefox. Failure to update to version 128 or higher (or ESR version 115.13+ […]

The post Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on Failures appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

2025年2月，勒索软件攻击量创下历史新高，较去年同期增加了126%，其中Cl0p勒索软件团伙表现尤为突出。

Cybersecurity firm Bitdefender has disclosed two high-severity security vulnerabilities affecting its legacy BOX v1 device, exposing users to potential remote code execution and man-in-the-middle attacks. The vulnerabilities, identified on March 12th, 2025, affect a product that is no longer sold or supported by the company, but the disclosure demonstrates Bitdefender’s ongoing commitment to security transparency […]

The post Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle Exploits appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Meta warned that a vulnerability, tracked as CVE-2025-27363, impacting the FreeType library may have been exploited in the wild. Meta warned that an out-of-bounds write flaw, tracked as CVE-2025-27363 (CVSS score of 8.1), in the FreeType library may have been actively exploited in attacks. “An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to […]

As IT environments grow more complex, IT professionals are facing unprecedented pressure to secure business-critical data. With hybrid work the new standard and cloud adoption on the rise, data is increasingly distributed across different environments, providers and locations, expanding the attack surface for emerging cyberthreats. While the need for a strong data protection strategy has become

A new campaign involving the DCRat backdoor has recently been uncovered, leveraging YouTube as a primary distribution channel. Since the beginning of the year, attackers have been using the popular video-sharing platform to target users by creating fake or stolen accounts. These malicious actors upload videos that appear to offer cheats, cracks, game bots, and […]

The post New DCRat Campaign Uses YouTube Videos to Target Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Хакеры создали карту уязвимостей для блэкаута американских городов.

VC firms invested 35% more in cybersecurity startups in North America and Europe in Q4 2024 than a year previously

The cybersecurity landscape has witnessed a concerning development as the threat actor group known as Blind Eagle (also tracked as APT-C-36) has launched a sophisticated campaign targeting organizations primarily in South America with a novel attack vector. The group, known for its persistent targeting of Colombian entities, has expanded its tactical repertoire to include weaponized […]

The post Blind Eagle Attacking Organizations With Weaponized .url Files To Extract User Hash appeared first on Cyber Security News.