Category: Security

  • Telekopye: Decoding Online Marketplace Scams

    Functioning as a Telegram bot-based toolkit, Telekopye, an e-commerce threat vector, streamlines the execution of advanced phishing operations. It enables perpetrators, referred to as ‘Neanderthals’, to deploy a range of tactics including spear-phishing through crafted HTML pages, domain spoofing, and social engineering via SMS and email phishing campaigns. This toolkit marks a significant escalation in…

  • Netizen: November 2023 Vulnerability Review

    Security vulnerabilities are a constant threat to businesses. Netizen’s Security Operations Center has identified five critical vulnerabilities from November that require immediate attention. These include privilege escalation, path traversal, SQL injection, CSRF, and local privilege escalation issues in various software. Netizen offers advanced solutions and services to help businesses enhance their cybersecurity posture.

  • CISA Launches New Pilot Program to Bolster Cybersecurity in Critical Infrastructure Sectors

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken a significant step towards enhancing the cybersecurity posture of the nation’s critical infrastructure sectors. The agency has announced the launch of an innovative pilot program, aimed at extending cutting-edge cybersecurity shared services to critical infrastructure entities, especially those most in need of such support. This…

  • Understanding the Randstorm Vulnerability in Cryptocurrency Wallets: A Comprehensive Analysis

    Cryptocurrency wallets, particularly those created between 2011 and 2015, have recently been thrust into the spotlight due to a significant vulnerability known as “Randstorm.” This vulnerability has raised concerns across the cryptocurrency community, highlighting the risks associated with outdated software and insufficient security measures in digital asset management. What is the Randstorm Vulnerability? The Randstorm…

  • Microsoft Releases Patches for 63 Vulnerabilities, Including 5 Zero-Days in November 2023 Update

    In a critical update, Microsoft has addressed 63 vulnerabilities in its operating systems as part of its November 2023 Patch Tuesday. This includes the patching of five zero-day vulnerabilities, three of which are currently being exploited by attackers. These updates are vital for securing systems against potential breaches and attacks. Zero-Day Vulnerabilities in the November…

  • The Evolution from Hive to Hunters International: Ransomware Gangs Leveraging Peer Innovations

    In a landmark operation in early 2023, the FBI, along with German and Dutch authorities, dismantled Hive, a prolific ransomware group. This collective had extorted over $100 million since June 2021, targeting a wide range of sectors. The FBI’s operation infiltrated Hive’s network over seven months, obtaining decryption keys for over 300 recent victims and…

  • Netizen: Threat Detection and Advisory on Confluence Vulnerability CVE-2023-22518

    The discovery of CVE-2023-22518 presents a significant concern for organizations using Confluence Data Center and Server. Atlassian has granted the vulnerability a 10/10 CVSS score based on an internal assessment; however, the NVD has yet to provide a score. This is the second major vulnerability discovered in Atlassian Confluence over the past few weeks; CVE-2023-22515,…

  • CVSS v4.0 is Public: What do you need to know about it?

    The Common Vulnerability Scoring System (CVSS) serves as a standard for assessing the severity of computer system security vulnerabilities. Its latest iteration, CVSS version 4.0, was originally shown in a public preview on June 8, 2023, at the 35th Annual FIRST Conference in Montreal, and was officially launched in General Availability (GA) on November 1st,…

  • Deepfake Technology: A Technical Analysis and Advisory

    The phrase “deepfake”, an amalgamation of the words “deep learning” and “fake,” is defined as any method of synthetic media, images, or video, that is manipulated in order to create a piece of media that conveys a different message. Using machine learning algorithms, malicious actors compile images and sounds from various sources, creating hoax videos…

  • Netizen: What is an IDS and how does it benefit your organization?

    Intrusion Detection Systems (IDS) serve as a critical layer in the cybersecurity infrastructure of organizations. These systems monitor network traffic or host activities for malicious actions or policy violations. Deployed as software or hardware, IDS are categorized into Network Intrusion Detection Systems (NIDS) and Host Intrusion Detection Systems (HIDS). The former scrutinizes the traffic on…