-
A critical security vulnerability has emerged in Azure Active Directory (Azure AD) configurations that exposes sensitive application credentials, providing attackers with unprecedented access to cloud environments. This vulnerability centers around the exposure of appsettings.json files containing ClientId and ClientSecret credentials, effectively handing adversaries the keys to entire Microsoft 365 tenants. The vulnerability was identified during […] The post Azure Active Directory Vulnerability Exposes Credentials and Enables Attackers to Deploy Malicious Apps appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over the past two years, Fox-IT and NCC Group have tracked a sophisticated Lazarus subgroup targeting financial and cryptocurrency firms. This actor overlaps with AppleJeus, Citrine Sleet, UNC4736 and Gleaming Pisces campaigns and leverages three disti…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Nmap has remained at the forefront of network discovery and security assessment for nearly three decades. Originally introduced on September 1, 1997, in Phrack magazine as a modest, 2,000-line Linux-only port scanner, Nmap has since matured into a sprawling toolkit encompassing OS and version detection, scripting, packet crafting, and more. As Nmap celebrates its 28th […] The post 28 Years of Nmap – From Simple Port Scanner to Comprehensive Network Security Suite appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft announced that it will enforce mandatory multi-factor authentication (MFA) for all sign-in attempts to the Azure portal and other administrative interfaces. The new requirement, which builds on Microsoft’s long-standing commitment t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Wireshark Foundation today announced the release of Wireshark 4.4.9, delivering critical stability improvements and updates to its protocol dissectors. This incremental release, the ninth maintenance update in the 4.4 series, addresses a high-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new keylogger malware dubbed “TinkyWinkey” that is targeting Windows systems with advanced stealth capabilities and comprehensive data exfiltration features. First observed in late June 2025, this malware represents a signif…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity firm Zscaler has disclosed a data breach affecting customer contact information after unauthorized actors gained access to the company’s Salesforce database through compromised third-party application credentials. The breach origina…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Wireshark team has rolled out version 4.4.9, a maintenance release for the world’s most popular network protocol analyzer. This update focuses on stability and reliability, delivering a series of important bug fixes and enhancing support for several existing protocols. The new version is now available for all supported platforms, including Windows, macOS, and Linux. […] The post Wireshark 4.4.9 Released With Fix For Critical Bugs and Updated Protocol Support appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A group claiming to be a coalition of hackers has reportedly issued an ultimatum to Google, threatening to release the company’s databases unless two of its employees are terminated. The demand, which appeared in a Telegram post, specifically named Austin Larsen and Charles Carmakal, both members of Google’s Threat Intelligence Group. According to a post […] The post Hackers Reportedly Demand Google Fire Two Employees, Threaten Data Leak appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The telecommunications landscape is facing an unprecedented crisis as SIM swapping attacks surge to alarming levels, with the United Kingdom alone reporting a staggering 1,055% increase in incidents during 2024, jumping from just 289 cases in 2023 to nearly 3,000 cases. This explosive growth in telecommunications fraud has prompted urgent calls for enhanced security measures, […] The post SIM Swapping Attacks on the Rise – How eSIM can Make SIM Swapping Harder appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
