Well shit... I can't access account balances in TWO different bank accounts. One just spins then says, "Try again later," the other is actually acknowledging they are having "technical difficulties." WHAT IS GOING ON?!!! Is anyone else having these issues?
Recent searches
Search options
Administered by:
#zeroday
12 posts12 participants0 posts today
Commvault Confirms Nation-State Attack via Zero-Day Exploit in Azure Environment
Commvault has confirmed that a nation-state threat actor exploited a zero-day vulnerability (CVE-2025-3928) to gain access to its Azure cloud environment in February 2025.
Key facts:
- Breach was first detected after Microsoft flagged suspicious activity on Feb 20.
- Attackers exploited a flaw in Commvault Web Server software to plant webshells.
- Exploit required authenticated access, suggesting credential theft or prior compromise.
- Customer backup data remained unaffected, and Commvault operations were not disrupted.
CISA has now added CVE-2025-3928 to its Known Exploited Vulnerabilities catalog.
- Federal agencies must secure affected systems by May 19, 2025.
- The vulnerability has a CVSS score of 8.8 — a high-severity threat vector.
Commvault’s response included:
- Immediate credential rotation
- Partnership with two leading cybersecurity firms, the FBI, and CISA
- New guidance for customers on Azure Conditional Access, secret rotation, and IP monitoring
- Blocklist of known malicious IPs published for proactive defense
This breach highlights how even security vendors are now being targeted by advanced threat actors — especially those with deep access to enterprise infrastructure.
At @Efani, we believe that protecting mobile and cloud infrastructure isn’t optional anymore. It’s mission-critical.
No system is immune. But full transparency and rapid action — like Commvault demonstrated — sets the standard for how we fight back.
Zerodays sind überwiegend staatlichen Akteuren zu verdanken | heise online
https://heise.de/-10367137 #Zeroday #0day
GIF
Zerodays sind überwiegend staatlichen Akteuren zu verdanken | Security https://www.heise.de/news/Steuergeld-finanziert-Angriffe-mit-Zerodays-10367137.html #0day #Zeroday #exploit #China 
#Russland 
#Russia #SouthKorea 
#NorthKorea 
#Windows 
#MicrosoftWindows #Android 
#Google : iOS #Apple 
heise online · Zerodays sind überwiegend staatlichen Akteuren zu verdanken
Google: 97 #zeroday #exploits in #2024, over 50% in #spyware attacks
They noted that cyber-espionage threat actors—including government-backed groups and commercial #surveillance vendors' customers—were responsible for more than half of attributable #0day attacks in 2024.
End-user platforms and products (e.g., web browsers, mobile devices, and desktop operating systems) made up 56% of the tracked #zerodays.
https://www.bleepingcomputer.com/news/security/google-97-zero-days-exploited-in-2024-over-50-percent-in-spyware-attacks/
#Government #Hackers Behind Most 2024 #ZeroDay Attacks, #Google Flags 23 #StateSponsored Cases, 8 #Spyware-Based
https://www.digitalinformationworld.com/2025/04/government-hackers-behind-most-2024.html
Digital Information WorldGovernment Hackers Behind Most 2024 Zero-Day Attacks, Google Flags 23 State-Sponsored Cases, 8 Spyware-BasedGoogle’s report reveals persistent spyware threats, evolving government surveillance demand, and increasing complexity for exploit creators.
Eine neue Analyse zeigt: Steuergeld finanziert mehr als 2/3 der aktiven Zeroday-Angriffe 2024! Staaten wie China, Nordkorea & Co. nutzen gefährliche Sicherheitslücken, um zu spionieren oder Profit zu machen. Besonders betroffen sind Windows & Unternehmensnetzwerke. 
#Cybersecurity #Zeroday #ITsicherheit #Spionage #Hacker #Steuergeld #newz
https://www.heise.de/news/Steuergeld-finanziert-Angriffe-mit-Zerodays-10367137.html
Kurzlink: https://heise.de/-10367137
heise online · Zerodays sind überwiegend staatlichen Akteuren zu verdanken
Oligo: Wormable Zero-Click Remote Code Execution (RCE) in AirPlay Protocol Puts Apple & IoT Devices at Risk https://www.oligo.security/blog/airborne #cybersecurity #infosec #zeroday #IoT #Apple @catsalad
www.oligo.securityAirBorne: Wormable Zero-Click RCE in Apple AirPlay Puts Billions of Devices at Risk | Oligo Security | Oligo SecurityOligo Security reveals AirBorne, a new set of vulnerabilities in Apple’s AirPlay protocol and SDK. Learn how zero-click RCEs, ACL bypasses, and wormable exploits could endanger Apple and IoT devices worldwide — and how to protect yourself.
Google Threat Intelligence Group (#GTIG) tracked 75 actively exploited zero-day flaws in 2024
https://securityaffairs.com/177180/hacking/google-threat-intelligence-group-gtig-tracked-75-actively-exploited-zero-day-flaws-in-2024.html
#securityaffairs #hacking #zeroday
Security Affairs · Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group's latest analysis.
Breaking news. Spain, Portugal and parts of France hit by massive power outage
""Such a widespread grid failure is extremely unusual and could be caused by a number of things: there could be a physical fault in the grid which brings down power, a coordinated cyber attack could be behind it, or a dramatic imbalance between demand and supply has tipped the grid system over the edge," Taco Engelaar, managing director at energy infrastructure experts Neara told Euronews."
Huge power cut causes chaos in Spain and Portugal as trains, traffic lights, and payments hit
‘Hunger Games: Sunrise On The Reaping’ Movie Taps Jesse Plemons To Play Plutarch Heavensbee In Lionsgate Adaptation
#Casting #JessePlemons #TheHungerGamesSunriseontheReaping #ZeroDay
https://deadline.com/2025/04/hunger-games-sunrise-on-the-reaping-jesse-plemons-1236377081/
Deadline · ‘Hunger Games: Sunrise On The Reaping’ Movie Taps Jesse Plemons To Play Plutarch Heavensbee In Lionsgate Adaptation
JPCERT/CC Eyes: DslogdRAT Malware Installed in Ivanti Connect Secure https://blogs.jpcert.or.jp/en/2025/04/dslogdrat.html
More:
The Hacker News: DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks https://thehackernews.com/2025/04/dslogdrat-malware-deployed-via-ivanti.html @thehackernews #cybersecurity #Infosec #Ivanti #zeroday #malware
JPCERT/CC EyesDslogdRAT Malware Installed in Ivanti Connect Secure - JPCERT/CC EyesIn a previous article of JPCERT/CC Eyes, we reported on SPAWNCHIMERA malware, which infects the target after exploiting the vulnerability in Ivanti Connect Secure. However, this is not the only malware observed in recent attacks. This time, we focus on...
Cybersecurity for Activists hit #1 Best Seller in Online Safety and Privacy. Thanks to those who purchased. Let's keep the ball rolling. Because Big Brother is not just watching.
Bug Bounty: For anyone who points out a factual error I will donate a copy to a student.
#SurveillanceState #Cellebrite #NoviSpy #ZeroDayExploit #DataPrivacy #ActivistsUnderAttack #PrivacyMatters #DigitalSecurity #EndTheCreep #Totalitarianism #SurveillanceCapitalism #DigitalRights #TechForGood #KnowYourRights #StaySafe #PhoneHacking #Spyware #ZeroDay #Resistance #ProtectYourData #cybersecurity #Fascism #TeslaTakedown #Indivisible #activism #DigitalSecurity #digitalsecuritymatters #cybersecuritycondor
#MAGAfascism #Trumpfascism #stopthefascistcreep #stopMAGA #StopElon #fElon47 #felon45 #resist #shepersisted #news #books #booktok #meta #2fa
I’ve compiled an A-Z field manual specifically for people who use their voice to challenge power—especially on social media. It’s written for activists, organizers, journalists, and anyone who has reason to believe they might be on someone’s watchlist. Not theory—just facts, tools, tactics, and what you’re really up against.
If you use your phone to speak truth, understand this:
Your phone might already be speaking back—for them.
https://www.amazon.com/Cybersecurity-Activists-Watermelon-Book-Condor/dp/B0F5NKC8Y5/
Stay alert. Stay encrypted. Stay dangerous.
#SurveillanceState #Cellebrite #NoviSpy #ZeroDayExploit #DataPrivacy #ActivistsUnderAttack #PrivacyMatters #DigitalSecurity #EndTheCreep #Totalitarianism #SurveillanceCapitalism #DigitalRights #TechForGood #KnowYourRights #StaySafe #PhoneHacking #Spyware #ZeroDay #Resistance #ProtectYourData
Cybersecurity for Activists
https://www.amazon.com/dp/B0F5NKC8Y5
International Link: https://mybook.to/opsec
If you use your phone to speak truth, understand this:
Your phone might already be speaking back—for them.
https://www.amazon.com/Cybersecurity-Activists-Watermelon-Book-Condor/dp/B0F5NKC8Y5/
Stay alert. Stay encrypted. Stay dangerous.
#SurveillanceState #Cellebrite #NoviSpy #ZeroDayExploit #DataPrivacy #ActivistsUnderAttack #PrivacyMatters #DigitalSecurity #EndTheCreep #Totalitarianism #SurveillanceCapitalism #DigitalRights #TechForGood #KnowYourRights #StaySafe #PhoneHacking #Spyware #ZeroDay #Resistance #ProtectYourData
Cybersecurity for Activists
https://www.amazon.com/dp/B0F5NKC8Y5
International Link: https://mybook.to/opsec
Watching episode 1 of #ZeroDay with Robert Di Nero.
At the 27:56 mark he's walking down a corridor and his legs are very odd. Almost like he's had a stroke. But more importantly, why are his pants so short??!
Windows NTLM flaw (CVE-2025-24054) is under active exploitation! Learn how this critical vulnerability impacts your security and what you can do to stay safe.
#CyberSecurity #InfoSec #ThreatIntel #Vulnerability #WindowsSecurity #CVE #ZeroDay #SecurityNews
Learn more: https://zerodaily.me/blog/2025-04-18-windows-ntlm-cve-2025-24054-under-active-exploitation
ZeroDaily - Cybersecurity News · Windows NTLM Hash Leak CVE-2025-24054 Under Active Exploitation: Patch Now to Prevent Credential TheftA critical Windows vulnerability (CVE-2025-24054) is under active exploitation, allowing attackers to leak NTLM hashes and compromise credentials via phishing and malicious .library-ms files. Immediate patching is strongly recommended.
Ein bekannter schickte folgende Nachricht:
"Hi,
Live from Belgium, all the public services of the French part of the country (Wallonia) are offline because a very serious intrusion has been discovered yesterday evening.
A friend told me it’s due to an exploited #zeroday #vulnerability in a Ivanti #VPN endpoint."
Es sieht so aus als wenn er recht hat DNS Auflösung und direkte ansprache via IP ist nicht möglich.
Apple just patched CVE-2025-31200 in CoreAudio & CVE-2025-31201 in RPAC, both zero-day flaws exploited in targeted iOS attacks. Update to iOS 18.4.1, iPadOS 18.4.1, & macOS Sequoia 15.4.1 ASAP! 
More info: https://cyberinsider.com/apple-fixes-two-new-zero-day-flaws-exploited-in-targeted-ios-attacks/ #AppleSecurity #ZeroDay #CyberSecurity #newz
CyberInsider · Apple Fixes Two New Zero-Day Flaws Exploited in Targeted iOS AttacksApple released security updates for iOS, iPadOS, and macOS to patch two zero-day flaws that are being actively exploited in targeted attacks.
Ein #Cyberangriff auf die Autovermietung #Hertz hat zur Veröffentlichung sensibler #Kundendaten geführt.
Betroffen sind u. a. #Zahlungsinformationen, #Führerscheindaten und Angaben zu #Unfallverletzungen.
Der Angriff nutzte Zero-Day-#Schwachstellen der #Datenplattform von #CleoCommunications.
Die Hackergruppe #Clop wird für den Vorfall verantwortlich gemacht.
Golem.de · Datenleck bei Autovermietung: Prominente Hacker erbeuten Kundendaten von Hertz - Golem.de