Attackers phish OAuth codes, take over Microsoft 365 accounts
Suspected Russian threat actors are using OAuth-based phishing attacks to get targets to grant them access to their Microsoft 365 (M365) accounts. “The primary tactics…
Author: Cybernoz
Podcast: Quantum lacks profitability but it will come, says CEO
In this podcast, we talk to Quantum CEO Jamie Lerner about the company’s plans as it orients from a historical legacy in tape storage to…
The popular xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack
The popular xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack Pierluigi Paganini April 23, 2025 The xrpl.js Ripple cryptocurrency library was compromised…
AI can help defenders stop nation-state threat actors at machine speed
Last year, the escalating concerns about Chinese threat actors breaching U.S. organizations reached a crescendo as federal authorities issued increasingly urgent advisories about China’s “Typhoon”…
Cookie-Bite Attack Enables MFA Bypass and Persistent Cloud Server Access
Researchers have exposed a sophisticated cyberattack technique dubbed the “Cookie-Bite Attack,” which allows adversaries to bypass Multi-Factor Authentication (MFA) and maintain persistent access to cloud…
M&S Cyberattack Disrupts Contactless Payments and Click & Collect Services
Marks & Spencer (M&S) cyberattack disrupts contactless payments and Click & Collect; investigation launched as retailer apologises and claims to boost cybersecurity measures. British retailer…
British retailer giant Marks & Spencer (M&S) is managing a cyber incident
British retailer giant Marks & Spencer (M&S) is managing a cyber incident Pierluigi Paganini April 23, 2025 Marks & Spencer (M&S) confirmed it’s managing a…
From Response to Resilience – Shifting the CISO Mindset in Times of Crisis
In an era where cyber threats evolve faster than defense mechanisms, Chief Information Security Officers (CISOs) must transition their leadership approach from response to resilience.…
Synology Network File System Vulnerability Allows Unauthorized File Access
A critical security vulnerability in Synology’s Network File System (NFS) service, tracked as CVE-2025-1021, has been resolved after allowing unauthorized remote attackers to access sensitive…
Qualys goes to bat for US cricket side San Francisco Unicorns
California-based Twenty20 (T20) cricket side the San Francisco Unicorns has enlisted cloud security and compliance technology specialist Qualys as its inaugural cyber security partner for…
Boston: Authorities Missed Intelligence Opportunities
The senior law enforcement official said the Russians feared he could be a risk, and “they had something on him and were concerned about him,…
The Role of AI in Modernizing Cybersecurity Programs
In the face of relentless cyber threats and an ever-expanding digital attack surface, security leaders are under growing pressure to modernize their cybersecurity programs by…