digital privacy – Threat Note

From Cyber Security News – 3 in 4 Enterprise Users Upload Data to GenAI Including Passwords and Keys

In a startling revelation, a new report indicates that three out of four enterprise users are uploading data to generative AI (genAI) applications, including sensitive information such as passwords and…

shaikh Saqib March 26, 2025

News

From Cyber Security News – CrushFTP HTTPS Port Vulnerability Leads to Unauthorized Access

Two critical vulnerabilities have been identified in widely used software: CrushFTP and Next.js. CrushFTP, a file transfer solution, contains a vulnerability allowing unauthorized access through standard web ports, bypassing security…

shaikh Saqib March 26, 2025

News

From Cyber Security News – Operation ForumTroll – APT Hackers Exploit Google Chrome Zero-Day To Bypass Sandbox Protections

In mid-March 2025, cybersecurity researchers uncovered “Operation ForumTroll,” targeting Russian media outlets and educational institutions. Victims are infected by clicking phishing links disguised as invitations to the “Primakov Readings” forum,…

shaikh Saqib March 26, 2025

News

From Cyber Security News – Your Smart TV May Bring Down the Entire Network

CYFOX has uncovered significant vulnerabilities in smart TVs that could potentially disrupt entire enterprise networks. This discovery was made possible by their groundbreaking OmniSec vCISO platform, the first GenAI-powered autonomous…

shaikh Saqib March 26, 2025

News

From Dark Reading – ‘Lucid’ Phishing-as-a-Service Exploits Faults in iMessage, Android RCS

Cybercriminals in China have figured out how to undermine the strengths of mobile messaging protocols. Read More

shaikh Saqib March 26, 2025

News

From Dark Reading – Beyond STIX: Next-Level Cyber-Threat Intelligence

While industry experts continue to analyze, interpret, and act on threat data, the complexity of cyber threats necessitates solutions that can quickly convert expert knowledge into machine-readable formats. Read More

shaikh Saqib March 26, 2025

News

From The Hacker News – EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware

The threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of malware families, including backdoors and information stealers such as Rhadamanthys and StealC. "In this attack, the threat actor manipulates .msc files and the Multilingual User Interface Path (MUIPath) to download and execute malicious payload,

shaikh Saqib March 26, 2025

News

From The Hacker News – RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment

The Russian-speaking hacking group called RedCurl has been linked to a ransomware campaign for the first time, marking a departure in the threat actor's tradecraft. The activity, observed by Romanian cybersecurity company Bitdefender, involves the deployment of a never-before-seen ransomware strain dubbed QWCrypt. RedCurl, also called Earth Kapre and Red Wolf, has a history of orchestrating

shaikh Saqib March 26, 2025

News

From Cyber Security News – Critical NetApp SnapCenter Server Vulnerability Let Attackers Become an Admin User

A high-severity security vulnerability discovered in NetApp SnapCenter could allow authenticated users to gain administrative privileges on remote systems, posing significant risks to organizational data and infrastructure security. Security researchers…

shaikh Saqib March 26, 2025

News

From Cyber Security News – Cloudflare Attributes Recent Service Outage to Password Rotation Error

A credential rotation error led to widespread service disruptions across multiple Cloudflare products on March 21, 2025, affecting customers globally for over an hour. The company disclosed that 100% of…

shaikh Saqib March 26, 2025

News

From Cyber Security News – 200 Unique Domains Used by Raspberry Robin Unveiled

Raspberry Robin, a complex and evolving malware threat, has been operating since 2019, initially spreading through infected USB drives at print and copy shops. This sophisticated malware has transformed from…

shaikh Saqib March 26, 2025

News

From Dark Reading – New Testing Framework Helps Evaluate Sandboxes

The Anti-Malware Testing Standards Organization published a Sandbox Evaluation Framework to set a standard among various sandbox offerings that help protect organizations from rising threats. Read More

shaikh Saqib March 26, 2025

News

From Cyber Security News – Clevo Devices Boot Guard Private Key Exposed Via Firmware Update Packages

Researchers have discovered a major security vulnerability affecting multiple gaming laptop models using Clevo hardware. Boot Guard private keys were found exposed within firmware update packages, potentially allowing attackers to…

shaikh Saqib March 26, 2025

News

From Security Week – New Ransomware Group Claims Attack on US Telecom Firm WideOpenWest

[[{"value":"A new ransomware group called Arkana claims to have compromised the US telecommunications provider WideOpenWest. The post New Ransomware Group Claims Attack on US Telecom Firm WideOpenWest appeared first on…

shaikh Saqib March 26, 2025

News

From Security Week – SplxAI Raises $7 Million for AI Security Platform

[[{"value":"SplxAI has raised $7 million in a seed funding round led by LAUNCHub Ventures to secure agentic AI systems. The post SplxAI Raises $7 Million for AI Security Platform appeared…

shaikh Saqib March 26, 2025