Blog – Page 731 – Cyber Mike

Steganography Explained: How XWorm Hides Inside Images

Inside the most innocent-looking image, a breathtaking landscape, or a funny meme, something dangerous could be hiding, waiting for its moment to strike.
No strange file names. No antivirus warnings. Just a harmless picture, secretly concealing a payload that can steal data, execute malware, and take over your system without a trace.
This is steganography, a cybercriminal’s secret weapon for

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa

Maritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have become the target of an advanced persistent threat (APT) group dubbed SideWinder.
The attacks, observed by Kaspersky in 2024, spread across Bangladesh, Cambodia, Djibouti, Egypt, the United Arab Emirates, and Vietnam. Other targets of interest include nuclear power plants and nuclear energy

Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches

Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass authentication guarantees.
The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 score of 9.2 out of a maximum of 10.0.
“Multiple Moxa PT switches are vulnerable to an authentication bypass because of flaws in their

CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild.
The list of vulnerabilities is as follows –

CVE-2024-57968 – An unrestricted file upload vulnerability in Advantive VeraCore

Cyber News

Steganography Explained: How XWorm Hides Inside Images

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa

Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches

CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List

Elon Musk Claims X Being Targeted in ‘Massive Cyberattack’ as Service Goes Down

X hit by ‘massive cyberattack’ amid Dark Storm’s DDoS claims

US govt says Americans lost record $12.5 billion to fraud in 2024

Microsoft shares guidance on upcoming Publisher deprecation

Trump Coins Used as Lure in Malware Campaign

Details Disclosed for SCADA Flaws That Could Facilitate Industrial Attacks