Windows BitLocker Flaw Allows Privilege Escalation by Attackers
Microsoft has released a warning about two serious security flaws in Windows BitLocker that could allow attackers to gain elevated privileges on affected machines. These…
Author: Cybernoz
AI agents are here, now comes the hard part for CISOs
AI agents are being deployed inside enterprises today to handle tasks across security operations. This shift creates new opportunities for security teams but also introduces…
State of Security 2025: Cyber Resilience
Harnessing existing capabilities For many organisations, the starting point for defining a cyber resilience strategy was the organisation’s existing business continuity planning and disaster recovery…
Windows BitLocker Vulnerability Let Attackers Elevate Privileges
Microsoft has addressed two significant elevation of privilege vulnerabilities affecting its Windows BitLocker encryption feature. The flaws, tracked as CVE-2025-54911 and CVE-2025-54912, were disclosed on…
Critical SAP NetWeaver Flaw Allows Attackers to Execute Arbitrary Code
A critical security vulnerability has been discovered in SAP NetWeaver AS Java Deploy Service that enables authenticated attackers to execute arbitrary code and potentially achieve complete system…
Deepfakes are rewriting the rules of geopolitics
Deception and media manipulation have always been part of warfare, but AI has taken them to a new level. Entrust reports that deepfakes were created…
GitHub Abused by Kimsuky Hackers Delivering Malware Through LNK Files
GitHub repositories for malware delivery through sophisticated weaponized LNK files, according to recent analysis by S2W’s Threat Intelligence Center, TALON. This campaign demonstrates the group’s…
Garak: Open-source LLM vulnerability scanner
LLMs can make mistakes, leak data, or be tricked into doing things they were not meant to do. Garak is a free, open-source tool designed…
Fixing silent failures in security controls with adversarial exposure validation
Organizations often operate as if their security controls are fully effective simply because they’re deployed, configured, and monitored. Firewalls are in place, endpoints are protected,…
CISOs, stop chasing vulnerabilities and start managing human risk
Breaches continue to grow in scale and speed, yet the weakest point remains unchanged: people. According to Dune Security’s 2025 CISO Risk Intelligence Survey, over…
Workday Confirms Data Breach – Hackers Accessed Customers Data and Case Information
Workday has confirmed it suffered a data breach after a security incident involving a third-party application that compromised customer information. The breach originated from Salesloft’s…
Chrome Security Update Patches Critical Remote Code Execution Vulnerability
Google has issued an urgent security update for the Chrome browser on Windows, Mac, and Linux, addressing a critical vulnerability that could allow attackers to…