New Multi-Stage Tycoon2FA Phishing Attack Now Beats Top Security Systems
If you think phishing is just clicking a bad link and landing on a fake login page, Tycoon2FA will prove you wrong. This new wave…
Author: Cybernoz
Windows Remote Desktop Services Flaw Allows Network-Based Denial-of-Service Attacks
Microsoft disclosed a critical vulnerability in Windows Remote Desktop Services on August 12, 2025, that enables attackers to launch denial-of-service attacks remotely without requiring authentication…
The Looming Domino Effect of Cyberattacks on Energy and Utilities
When systems go dark and become unavailable, consumers and operators may feel frustration, panic, and anger. When there is disruption to energy and utilities that…
Hackers Deploy Dedicated Phishlet for FIDO Authentication Downgrade Attacks
Proofpoint researchers have uncovered a novel technique allowing threat actors to bypass FIDO-based authentication through downgrade attacks, leveraging a custom phishlet within adversary-in-the-middle (AiTM) frameworks.…
Croatian research institute confirms ransomware attack via ToolShell vulnerabilities
The Ruđer Bošković Institute (RBI), the largest Croatian science and technology research institute, has confirmed that it was the one of “at least 9,000 institutions…
Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws
Aug 13, 2025Ravie LakshmananVulnerability / Software Security Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could…
Santander will make AI training mandatory for all staff in 2026
Banco Santander will introduce a mandatory artificial intelligence (AI) training programme for all its staff next year, as part of its plan to make the…
FortiOS, FortiProxy, and FortiPAM Auth Bypass Vulnerability Allows Attackers to Gain Full Control
A high-severity authentication bypass vulnerability affecting multiple Fortinet security products, including FortiOS, FortiProxy, and FortiPAM systems. The flaw, designated as CVE-2024-26009 with a CVSS score…
ShinyHunters May Have Teamed Up With Scattered Spider in Salesforce Attack Campaigns
The financially motivated threat group ShinyHunters has returned with a sophisticated series of attacks targeting Salesforce instances across high-profile enterprises in industries like retail, aviation,…
New Brute-Force Campaign Hits Fortinet SSL VPN in Coordinated Attack
A surge in brute-force attacks on Fortinet products could signal a new vulnerability. A timeline shows a strong link between attack spikes and security flaws.…
NIST finalizes lightweight cryptography standard for small devices
The National Institute of Standards and Technology (NIST) has finalized a lightweight cryptography standard to protect even the smallest networked devices from cyberattacks. Published as…
What the UK’s ransomware crackdown signals for Europe
Cyber attacks are no longer confined to the realm of IT – they are a systemic risk to economies, governments, and public trust. Nowhere is…