The Looming Domino Effect of Cyberattacks on Energy and Utilities
When systems go dark and become unavailable, consumers and operators may feel frustration, panic, and anger. When there is disruption to energy and utilities that…
Author: Cybernoz
Hackers Deploy Dedicated Phishlet for FIDO Authentication Downgrade Attacks
Proofpoint researchers have uncovered a novel technique allowing threat actors to bypass FIDO-based authentication through downgrade attacks, leveraging a custom phishlet within adversary-in-the-middle (AiTM) frameworks.…
Croatian research institute confirms ransomware attack via ToolShell vulnerabilities
The Ruđer Bošković Institute (RBI), the largest Croatian science and technology research institute, has confirmed that it was the one of “at least 9,000 institutions…
Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws
Aug 13, 2025Ravie LakshmananVulnerability / Software Security Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could…
Santander will make AI training mandatory for all staff in 2026
Banco Santander will introduce a mandatory artificial intelligence (AI) training programme for all its staff next year, as part of its plan to make the…
FortiOS, FortiProxy, and FortiPAM Auth Bypass Vulnerability Allows Attackers to Gain Full Control
A high-severity authentication bypass vulnerability affecting multiple Fortinet security products, including FortiOS, FortiProxy, and FortiPAM systems. The flaw, designated as CVE-2024-26009 with a CVSS score…
ShinyHunters May Have Teamed Up With Scattered Spider in Salesforce Attack Campaigns
The financially motivated threat group ShinyHunters has returned with a sophisticated series of attacks targeting Salesforce instances across high-profile enterprises in industries like retail, aviation,…
New Brute-Force Campaign Hits Fortinet SSL VPN in Coordinated Attack
A surge in brute-force attacks on Fortinet products could signal a new vulnerability. A timeline shows a strong link between attack spikes and security flaws.…
NIST finalizes lightweight cryptography standard for small devices
The National Institute of Standards and Technology (NIST) has finalized a lightweight cryptography standard to protect even the smallest networked devices from cyberattacks. Published as…
What the UK’s ransomware crackdown signals for Europe
Cyber attacks are no longer confined to the realm of IT – they are a systemic risk to economies, governments, and public trust. Nowhere is…
Patch the vulnerability: Confirm Sean Plankey as CISA director
Every chief information security officer understands that unresolved vulnerabilities can eventually become entry points for threats. In the private sector, we don’t ignore gaps in…
Microsoft removes PowerShell 2.0 from Windows 11, Windows Server
Microsoft will remove PowerShell 2.0 from Windows starting in August, eight years after announcing its deprecation and keeping it around as an optional feature. The…