Storm-2603 spotted deploying ransomware on exploited SharePoint servers
One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft…
Author: Cybernoz
IBM chief confident AI isn’t eroding other parts of the business
IBM expects to make $4.5bn in savings internally by scaling artificial intelligence (AI) initiatives. This is being achieved through a programme that Arvind Krishna, IBM’s…
Mitel warns of critical MiVoice MX-ONE authentication bypass flaw
Mitel Networks has released security updates to patch a critical-severity authentication bypass vulnerability impacting its MiVoice MX-ONE enterprise communications platform. MX-ONE is the company’s SIP-based…
Threat Actors Weaponizing .hwp Files to Deliver RokRAT Malware
Cybersecurity researchers have uncovered a sophisticated malware campaign where threat actors are exploiting Hangul Word Processor (.hwp) documents to distribute the notorious RokRAT malware. This…
Elephant APT Group Exploits VLC Player and Encrypted Shellcode in Attacks on Defense Sector
Arctic Wolf Labs has uncovered a sophisticated cyber-espionage operation attributed to the Dropping Elephant advanced persistent threat (APT) group, also known as Patchwork or Quilted…
Introducing the smarter, more sophisticated Malwarebytes Trusted Advisor, your cybersecurity personal assistant
You ever get that feeling when you double-check the locks, but still wonder if you’ve missed something? That’s what a lot of people feel about…
Sophos and SonicWall Patch Critical RCE Flaws Affecting Firewalls and SMA 100 Devices
Jul 24, 2025Ravie LakshmananNetwork Security / Vulnerability Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA)…
![[tl;dr sec] #289 - AI-powered Fuzzing, Incentives in Security, Malware in DNS](https://image.cybernoz.com/wp-content/uploads/2025/07/tldr-sec-289-AI-powered-Fuzzing-Incentives-in-Security-Malware.png)
[tl;dr sec] #289 – AI-powered Fuzzing, Incentives in Security, Malware in DNS
Building My Custom AI Therapist This week I played around with building my own custom AI therapist, and found it offered surprisingly direct and…
New AI-Powered Wi-Fi Biometrics WhoFi Tracks Humans Behind Walls with 95.5% Accuracy
WhoFi surfaced last on the public repository ArXiv, stunning security teams with a proof-of-concept that turns ordinary 2.4 GHz routers into covert biometric scanners. Unlike…
Threat Actors Using .hwp Files to Distribute RokRAT Malware and Evade Detection Mechanisms
The AhnLab Security intelligence Center (ASEC) has identified a sophisticated campaign where threat actors are leveraging Hangul Word Processor (.hwp) documents to disseminate the RokRAT…
Age verification: Child protection or privacy risk?
With governments demanding actual age verification on websites with adult content, and platforms like social media and Roblox introducing restrictions based on a user’s age,…
UK loses second spot in global fintech to UAE
The UAE has leapfrogged the UK in the latest fintech market rankings, following a $2bn investment by Abu Dhabi’s MGX in cryptocurrency exchange Binance. This…