TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw...

Meta Starts Showing Ads on WhatsApp After 6-Year Delay From 2018 Announcement

Meta Platforms on Monday announced that it’s bringing advertising to WhatsApp, but emphasized that the...

U.S. Seizes $7.74M in Crypto Tied to North Korea’s Global Fake IT Worker Network

The U.S. Department of Justice (DoJ) said it has filed a civil forfeiture complaint in...

Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment

An emerging ransomware strain has been discovered incorporating capabilities to encrypt files as well as...

⚡ Weekly Recap: iPhone Spyware, Microsoft 0-Day, TokenBreak Hack, AI Data Leaks and More

Some of the biggest security problems start quietly. No alerts. No warnings. Just small actions...

Playbook: Transforming Your Cybersecurity Practice Into An MRR Machine

Introduction The cybersecurity landscape is evolving rapidly, and so are the cyber needs of organizations...

Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI/CD, and macOS Data

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that’s...

Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets

A new malware campaign is exploiting a weakness in Discord’s invitation system to deliver an...

Application Development Guidance: Introduction

Guidance for risk assessors, and developers of applications which will be run on devices handling...

Test

...

CYPRO SERVICE DESCRIPTION (for review)

1. Continuous Automated Red Teaming (CART) 2. Build operate transfer (BOT) Security Operational Centers (SOC)...

CYPRO E-NEWSLETTER

Volume 1 – 2023 September  Volume 2 – Q4 2023 – November Volume 3 –...

CYPRO PENETRATION TESTING SERVICE

External Security Assessment (OSINT + Blackbox)   Web & Mobile App Pentest   Network Pentest   IoT Pentest ...

CYPRO SERVICE DESCRIPTION (for download)

CYPRO Services Portfolio with Case Studies Why CYPRO?  Predict (White Team) service   Recover (Blue Team)...

8th Annual NICE K12 Cybersecurity Education Conference

Attend the NICE K12 Cybersecurity Education Conference in St. Louis, Missouri on December 5-6, 2022...

1 Comment

FISSEA Fall Forum: November 15, 2022

The FISSEA Forums are quarterly meetings to provide opportunities for policy and programmatic updates, the...

Stop Worrying About Passwords Forever

So far 2022 confirms that passwords are not dead yet. Neither will they be anytime...

Researchers Detail Emerging Cross-Platform BianLian Ransomware Attacks

The operators of the emerging cross-platform BianLian ransomware have increased their command-and-control (C2) infrastructure this...

Oktapus attack on Twilio exposes data of 163 companies

The data breach was caused by a phishing attack on Twilio...

Over 1,800 Android and iOS Apps Found Leaking Hard-Coded AWS Credentials

Researchers have identified 1,859 apps across Android and iOS containing hard-coded Amazon Web Services (AWS)...

Infra Used in Cisco Hack Also Targeted Workforce Management Solution

The attack infrastructure used to target Cisco in the May 2022 incident was also employed against an...

Microsoft Discover Severe ‘One-Click’ Exploit for TikTok Android App

Microsoft on Wednesday disclosed details of a now-patched “high severity vulnerability” in the TikTok app...

Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability

Apple on Wednesday backported security updates to older iPhones, iPads, and iPod touch devices to...

IOTW: Plex urges customers to change passwords following data breach

The streaming service suffered a data breach by a third-party that allowed them unauthorized access...

Google blocks ‘largest ever’ web DDoS attack

The DDoS attack against a Google cloud user was 76 percent larger than the previous...

Almost one million people affected by medical billing ransomware attack

A medical billing vendor has suffered a data breach due to a ransomware attack that...

IOTW: Signal users directly targeted in Twilio phishing attack

A phishing-based attack on Twilio has led to a potential 1,900 Signal users phone numbers...

Twitter confirms data from 5.4 million accounts has been stolen

A Twitter data breach has led to accounts being put up for sale on a...

Nomad offers $19m bounty for stolen crypto

A bridge hack against cryptocurrency firm Nomad has led to the loss of $190m, with...

Social engineering “most dangerous” threat, say 75% of security professionals

Respondents to CS Hub’s Mid-Year Market Report cited social engineering and phishing attacks as the...