Microsoft’s killing script used to avoid Microsoft Account in Windows 11
Summary: Microsoft has removed the ‘BypassNRO.cmd’ script from Windows 11 preview builds, which enabled users to bypass the Microsoft Account requirement during OS installation. This change aims to enhance security and promote cloud-based services associated with Microsoft Accounts. While the script is gone, users can still create the bypass manually via the Windows Registry, potentially facing future restrictions on this method.…

Summary: The video discusses the latest developments in cybersecurity, including the case of Matt Weiss, a former Michigan quarterback coach facing serious federal charges for hacking student accounts. Additionally, it covers the ongoing issues around data breaches, scam-busting initiatives, and the introduction of new AI technologies aimed at thwarting data scraping.…

Summary: The video discusses a ransomware technique targeting Amazon S3 buckets, illustrating how attackers can gain access to sensitive data and encrypt it, leading organizations to pay a ransom to retrieve their files. It highlights the vulnerabilities associated with compromised IAM credentials and overly permissive IAM rules, and explains how security professionals can detect and prevent such attacks.…
Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a Malware Analysis Report on a new malware variant called RESURGE, which has sophisticated persistence and manipulation capabilities, particularly linked to a known vulnerability in Ivanti products. The report highlights detailed mitigation measures in response to RESURGE’s exploitation of the CVE-2025-0282 vulnerability.…
BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability
Summary: Threat hunters infiltrated the infrastructure of the BlackLock ransomware group, revealing significant operational security flaws and exposing data linked to its activities. A critical vulnerability was identified in their Data Leak Site (DLS), allowing access to sensitive configuration files and command histories. This incident highlights the increasing complexity of ransomware operations and their interconnections in the underground economy.…
UK braced for ‘free speech’ row with JD Vance as far-right websites spurn Online Safety Act
Summary: UK officials face potential conflict with the US as far-right social media platforms resist compliance with the Online Safety Act, which aims to curb illegal content. Platforms like Gab and Kiwi Farms have publicly rejected Ofcom’s legal requests, citing concerns over perceived censorship. The British government remains firm on enforcing compliance, risking sanctions against non-compliant platforms despite US backlash.…
Report: Personal info on federal judges is widely accessible online, leading to safety risks
Summary: A study revealed that over half of U.S. appellate judges have their personal data exposed on people search sites, increasing their risk of threats and violent retaliation. Legislation, including Daniel’s Law and a similar bill in Vermont, aims to protect judicial figures by limiting the visibility of their personal information online.…
Oracle Health breach compromises patient data at US hospitals
Summary: A breach at Oracle Health has compromised patient data from multiple US healthcare organizations after a threat actor accessed legacy servers. Oracle Health, formerly Cerner, confirmed the incident but has faced criticism for its lack of transparency and communication. Healthcare organizations are advised to determine their own notification responsibilities regarding potential HIPAA violations due to the breach.…
The Lotus Blossom, also known as Lotus Panda, is a sophisticated Chinese APT group involved in cyber espionage for over a decade. They have recently enhanced their tactics by deploying new Sagerunex backdoor variants that utilize third-party cloud services and social media for command-and-control activities. This article examines their tactics, techniques, and procedures, detailing their operational framework along with the challenges we face against such persistent threats.…
New Ubuntu Linux security bypasses require manual mitigations
Summary: Researchers from Qualys have identified three security bypasses in Ubuntu Linux that allow unprivileged local users to create user namespaces with full administrative capabilities, potentially exploiting kernel vulnerabilities. The affected versions include Ubuntu 23.10 and 24.04, where user namespace restrictions are implemented. Canonical, the organization behind Ubuntu, is working on improving AppArmor protections as a response to these findings.…
Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA
Summary: Researchers have identified 46 vulnerabilities in solar inverter products from Sungrow, Growatt, and SMA, potentially allowing attackers to execute remote code or take control of devices, posing severe risks to electrical grids. The vulnerabilities, dubbed SUN:DOWN, could lead to significant disruptions and potential blackouts if exploited.…
Firefox fixes flaw similar to Chrome zero-day used against Russian organizations
Summary: Mozilla has addressed a critical security vulnerability in its Firefox browser, identified as CVE-2025-2857, which could allow attackers to bypass sandbox protections on Windows. This follows a similar vulnerability in Google Chrome that was exploited during espionage attacks in Russia. Currently, there is no evidence that this Firefox flaw has been exploited in the wild.…
Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity
Summary: As modern IT environments face increasing risks, businesses are shifting focus from basic backups to comprehensive Business Continuity and Disaster Recovery (BCDR) solutions. Datto BCDR offers a streamlined platform that integrates local and cloud recovery options to ensure minimal downtime and data loss. With advanced features such as automated backup verification and 1-Click Disaster Recovery, organizations can enhance their resilience against IT disasters.…
How an Exposed Jenkins Instance Led to a Full-Scale Infrastructure Compromise
This article discusses the risks associated with misconfigured Jenkins instances in CI/CD pipelines, highlighting a specific case where an exposed Jenkins service led to unauthorized access and severe security vulnerabilities. The findings from CloudSEK’s BeVigil underscore the potential consequences of such misconfigurations, including remote code execution, credential theft, and regulatory risks.…
PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps
Summary: A new campaign utilizing the PJobRAT Android malware has been detected, targeting users in Taiwan under the guise of chat applications. This malware, previously aimed at Indian military personnel, has evolved to harvest sensitive information while masquerading as messaging apps. Security researchers indicate its operation spanned nearly two years before pausing in October 2024.…