RansomHub Affiliate leverages Python-based backdoor

In an incident response in Q4 of 2024, GuidePoint Security identified evidence of a threat actor utilizing a Python-based backdoor to maintain access to compromised endpoints. The threat actor later leveraged this access to deploy RansomHub encryptors throughout the entire impacted network. ReliaQuest documented an earlier version of this malware on their website in February 2024….

Read More

US Treasury Department imposes sanctions on Chinese company over Salt Typhoon hack

The U.S. Treasury Department on Friday imposed sanctions on alleged hacker Yin Kechen and cybersecurity company Sichuan Juxinhe Network Technology Co., accusing both of being involved in a series of hacks against American telecom companies. The Department of the Treasury’s Office of Foreign Assets Control (OFAC)  in US is sanctioning Yin Kecheng, a Shanghai-based cyber…

Read More

Palo Alto Networks Expedition Tool Vulnerability Exposes Cleartext Firewall Passwords

Palo Alto Networks has disclosed multiple critical security vulnerabilities in its Expedition migration tool, including a concerning OS command injection flaw that enables attackers to execute arbitrary commands and access sensitive firewall credentials. The command injection vulnerability (CVE-2025-0107) allows authenticated attackers to run arbitrary OS commands as the www-data user, potentially exposing usernames, cleartext passwords, device…

Read More

2025 Predictions for Cyber Trends, Bolster CEO, Rod Schultz

As organization prepare for 2025 to defend and prepare cybersecurity strategies, we can vouch that there would be AI for sophisticated phishing, vishing, and social engineering attacks. This would be accompanied by ransomware and multifaceted extortion can be more  disruptive form of cyber crime, impacting various sectors and countries. Along with AI-powered attacks, geopolitical tensions,…

Read More

Keycentrix and UST Announce Strategic Partnership to Drive Innovation & Scale

Partnership announcement UST, a leading digital transformation solutions company, announced its partnership with Keycentrix, a leading provider of pharmacy software and technology solutions, to enhance Keycentrix’s product suite, expand market reach, and increase value for customers. With this strategic alliance, Keycentrix is better positioned to deliver next-level pharmacy solutions that harness innovation, advanced technology, and accelerated go-to-market capabilities. This partnership will…

Read More

Cloud Box Technologies FortiSASE certification enhances its cybersecurity solutions

Cloud Box Technologies (CBT), a premier systems integrator and IT services specialist in the Middle East, today announced that the company has received the prestigious FortiSASE certification after successfully navigating Fortinet’s rigorous certification process. The FortiSASE certification aligns with CBT’s vision to address the growing demand for secure, scalable, and flexible cloud-based solutions. The certification…

Read More

MeitY releases Draft Digital Personal Data Protection Rules, 2025

Meity has drafted the Digital Personal Data Protection Rules, 2025 to facilitate the implementation of the Digital Personal Data Protection Act, 2023 (DPDP Act). It aims to strengthen the legal framework for the protection of digital personal data by providing necessary details and an actionable framework. Stakeholder are invited to share feedback/comments on the draft Rules. Please Click here to view Draft…

Read More

‘Security by Design Principal’ is not an option but an important security Strategy;  Srinivas Shekar, Pantherun Technologies

Pantherun Technologies in cybersecurity space has Innovating offerings, a  unique approach to protecting any device that uses or stores data. The company’s pioneering data protection approach involves the real-time encryption of data, making breaches 10x harder. Pantherun’s vision is to make encryption secure, easy to use and affordable for industries and users everywhere. Today, Pantherun…

Read More

16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft

Hackers target Chrome browser extensions 16 extensions being compromised Exposed over 600,000 users to data exposure and credential theft The attack targeted publishers of browser extensions on the Chrome Web Store via a phishing campaign Hackers used their access permissions to insert malicious code into legitimate extensions in order to steal cookies and user access…

Read More