Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware – Go Health Pro

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware – Go Health Pro

May 03, 2025Ravie LakshmananMalware / Operational Technology An Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure (CNI) in the Middle East that lasted nearly two years. The activity, which lasted from at least May 2023 to February 2025, entailed “extensive espionage operations and suspected network … Read more

Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware – Go Health Pro

Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware – Go Health Pro

Apr 24, 2025Ravie LakshmananMalware / Threat Intelligence At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea’s software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest … Read more

‘Vibe coding’ using LLMs susceptible to most common security flaws – Go Health Pro

‘Vibe coding’ using LLMs susceptible to most common security flaws – Go Health Pro

“Vibe coding,” a recent trend of using large language models (LLMs) to generate code based on plain-language prompts, can yield code that is vulnerable to up to nine out of the top 10 weaknesses in the Common Weakness Enumeration (CWE), according to Backslash Security.Vibe coding, while only gaining popularity within the last few months, is … Read more

Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems – Go Health Pro

Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems – Go Health Pro

Mar 19, 2025Ravie LakshmananVulnerability / Network Security Cybersecurity researchers have disclosed details of two critical flaws impacting mySCADA myPRO, a Supervisory Control and Data Acquisition (SCADA) system used in operational technology (OT) environments, that could allow malicious actors to take control of susceptible systems. “These vulnerabilities, if exploited, could grant unauthorized access to industrial control … Read more

Hidden flaws exist in millions of RSA digital certificates – Go Health Pro

Hidden flaws exist in millions of RSA digital certificates – Go Health Pro

Millions of the cryptographic digital certificates that secure internet communications and software updates have serious flaws that can be exploited, a presentation at the Keyfactor Tech Days conference in Miami last week demonstrated.”You stand up a web server, your customers come to you, a little lock pops up,” Keyfactor Chief Security Officer Chris Hickman told … Read more