As organizations accelerate cloud adoption, CISOs face unprecedented challenges securing dynamic, multi-cloud environments. The shift to cloud-native architectures, hybrid workloads, and decentralized data storage has […]
Author: cyberbytes
How CISOs Can Strengthen Supply Chain Security in 2025
The responsibilities of Chief Information Security Officers (CISOs) are rapidly evolving as digital transformation and global interconnectivity reshape the modern supply chain. In 2025, the […]
Cybercriminals Trick Tenants into Sending Rent to Fraudulent Accounts
Proofpoint, a leading cybersecurity firm, has identified and named a new financially motivated Business Email Compromise (BEC) threat actor, dubbed TA2900, actively targeting individuals in […]
Researchers Turned Azure Storage Wildcards into a Stealthy Internal SOCKS5 Backdoor
Security researchers at Quarkslab have developed a new covert channel technique that exploits Microsoft’s recommended Azure Storage firewall configurations to bypass network restrictions. Their proof-of-concept […]
Researchers Uncovered RansomHub Operation and it’s Relation With Qilin Ransomware
Security researchers have identified significant connections between two major ransomware-as-a-service (RaaS) operations, with evidence suggesting affiliates from the recently-disabled RansomHub group may have migrated to […]
SonicWALL Connect Tunnel Vulnerability Could Allow Attackers to Trigger DoS Attacks
A newly disclosed vulnerability in SonicWall’s Connect Tunnel Windows Client could allow malicious actors to trigger denial-of-service (DoS) attacks or corrupt files, according to a […]
TheWizards Deploy ‘Spellbinder Hacking Tool’ for Global Adversary-in-the-Middle Attack
ESET researchers have uncovered sophisticated attack techniques employed by a China-aligned threat actor dubbed “TheWizards,” which has been actively targeting entities across Asia and the […]
Cato Networks macOS Client Vulnerability Enables Low-Privilege Code Execution
A critical vulnerability in Cato Networks’ widely used macOS VPN client has been disclosed, enabling attackers with limited access to gain full control over affected […]
DARPA Highlights Critical Infrastructure Security Challenges
Leaders at federal research organizations DARPA, ARPA-I, and ARPA-H discussed the myriad obstacles in addressing critical infrastructure security at RSAC Conference 2025. The original article […]
Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool
A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle (AitM) attacks. […]