![[tl;dr sec] #299 - The Security Engineer's Guide to MCP, IAM Hound Dog, IMDS Anomaly Detection](https://image.cybernoz.com/wp-content/uploads/2025/10/tldr-sec-299-The-Security-Engineers-Guide-to-MCP.png)
[tl;dr sec] #299 – The Security Engineer’s Guide to MCP, IAM Hound Dog, IMDS Anomaly Detection
I hope you’ve been doing well! Zero Signal Podcast – AI in Cybersecurity In Vegas this year I joined my friends Conor Sherman (Sysdig CISO…
Author: Cybernoz
Brave browser surpasses the 100 million active monthly users mark
Brave browser reached 101 million monthly active users and 42 million daily active users this September, marking a new record in the project’s history. At…
PoC exploit Released for VMware Workstation guest-to-host escape Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical vulnerability chain in VMware Workstation that allows an attacker to escape from a guest virtual…
The Digital Campus Challenge: Why Universities Need to Reassess Cyber Risks
In February 2024, several British universities were hit by a major DDoS attack. In the past, a disruption to connectivity would mostly have been a problem…
OpenSSL 3.6.0: New features, crypto support
The OpenSSL Project has announced the release of OpenSSL 3.6.0, a feature update that brings significant functionality improvements, standards compliance, and a few key deprecations…
Fujitsu’s role in the Post Office scandal: Everything you need to know
The Post Office scandal began in the late 1990s, when the organisation rolled out Fujitsu’s Horizon computer system across its branch network. What unfolded over…
Many Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency
The European Union’s cybersecurity agency ENISA has published its 2025 Threat Landscape report, which shows that a significant percentage of the attacks aimed at the…
North Korea IT worker scheme swells beyond US companies
North Korean nationals who conceal their identities to infiltrate businesses as employees or contractors continue to expand their presence beyond technology companies and America’s borders. …
Microsoft Defender bug triggers erroneous BIOS update alerts
Microsoft is working to resolve a bug that causes Defender for Endpoint to incorrectly tag some devices’ BIOS (Basic Input/Output System) firmware as outdated, prompting users…
New Obex Tool Blocks EDR Dynamic Libraries From Loading at Runtime
A new proof-of-concept (PoC) tool named Obex has been released, offering a method to prevent Endpoint Detection and Response (EDR) and other monitoring solutions’ dynamic-link…
$20 YoLink IoT Gateway Vulnerabilities Put Home Security at Risk
Cybersecurity researchers at Bishop Fox have revealed security vulnerabilities in the popular, inexpensive YoLink Smart Hub (v0382), leaving users exposed to remote attackers. The hub…
Scam Facebook groups send malicious Android malware to seniors
An infostealer and banking Trojan rolled into one is making the rounds in Facebook groups aimed at “active seniors”. Attackers used social engineering methods to…