In the cybersecurity world, analysts often focus on the adversary’s tactics, techniques, and procedures (TTPs), but what...
Do Son
Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.
A newly discovered vulnerability in the Deep Java Library (DJL) has been found to leave systems open...
Since its initial release on GitHub in 2022 by user XZB-1248, SparkRAT has evolved into a widely...
A recent Cofense Intelligence report has uncovered a troubling trend: threat actors are increasingly abusing .gov top-level...
A recent report by CloudSEK’s BeVigil reveals how a common web misconfiguration, namely enabled directory listings, led...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding the Contec CMS8000,...
A new Google Threat Intelligence Group (GTIG) report titled “Adversarial Misuse of Generative AI” provides a detailed...
The mailcow project, an open-source email server platform, has addressed a session fixation vulnerability that could allow...
McAfee Labs has issued a warning about a new wave of malware targeting young gamers on YouTube....
Rockwell Automation has recently released security advisories to address multiple vulnerabilities in FactoryTalk View Machine Edition (ME),...
The world of cryptocurrency mining has always been complex, requiring significant investment, technical expertise, and time. But...
A recent security analysis by Yaniv Nizry, a vulnerability researcher at SonarSource, has revealed multiple critical vulnerabilities...
The Maverits Special Report provides a comprehensive analysis of APT28, a notorious Russian cyber espionage group affiliated...
Moxa, a leading provider of industrial networking and communication solutions, has recently addressed a critical out-of-bounds write...
Early this month, SonicWall disclosed a critical authentication bypass vulnerability in SonicOS, the operating system powering many...
D-Link has addressed a critical unauthenticated remote code execution (RCE) vulnerability affecting its DSL-3788 router. The vulnerability,...
Google’s ongoing efforts to bolster the security and privacy of the Android ecosystem have yielded significant results...
A critical zero-day vulnerability affecting Zyxel CPE (Customer Premises Equipment) devices, tracked as CVE-2024-40891, is currently being...
The Apache Hive project has recently addressed two important security vulnerabilities that could potentially allow attackers to...
The Cybereason Security Services Team has uncovered a new attack campaign where the Phorpiex botnet is being...
The Internet Systems Consortium (ISC) has recently disclosed two critical vulnerabilities affecting BIND, its widely used Domain...
The Cofense Phishing Defense Center (PDC) has uncovered a new wave of phishing attacks targeting organizations in...