Why I Like Nice Things
I often take criticism for my desire to own expensive things, live in nice neighborhoods, eat in quality restaurants, and otherwise surround myself with what…
Author: Cybernoz
LummaStealer Exploits Windows Utility to Run Remote Code Disguised as .mp4 File
The Cybereason Global Security Operations Center (GSOC) has shed light on the sophisticated tactics used by the LummaStealer malware to evade detection and execute malicious…
Woolworths extends agreement with Google Cloud
Woolworths Group has renewed an agreement with Google Cloud for a further five years. The retailer said that it would look “to further strengthen data,…
Beyond SSH Bookmarks | Daniel Miessler
I tripped over an article this week on creating “SSH Bookmarks”, which are basically aliases for hostnames within your ~/.ssh/config file. I think this is…
Ahold Delhaize confirms data stolen after threat group claims credit for November attack
Ahold Delhaize confirmed Thursday that certain files from its U.S. operations were stolen in a November cyberattack after a threat group claimed credit for the…
43% of Top 100 Enterprise Mobile Apps Expose Sensitive Data to Hackers
A comprehensive study by zLabs, the research team at Zimperium, has found that over 43% of the top 100 mobile applications used in business environments…
Blogging: Categories vs. Tags | Daniel Miessler
I recently attended a company blogging conference call where the topic was how to properly categorize and tag posts for company blog posts. Despite a…
Critical Erlang/OTP SSH pre-auth RCE is ‘Surprisingly Easy’ to exploit, patch now
A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. The flaw was…
Microsoft Vulnerabilities Reach Record High with Over 1,300 Reported in 2024
The 12th Edition of the Microsoft Vulnerabilities Report has revealed a significant surge in the number of vulnerabilities detected within Microsoft’s ecosystem, setting a new…
CISA Urges Action on Potential Oracle Cloud Credential Compromise
Following reports of unauthorized access to a legacy Oracle cloud environment, CISA warns of potential credential compromise leading to phishing, network breaches, and data theft.…
China-linked APT Mustang Panda upgrades tools in its arsenal
China-linked APT Mustang Panda upgrades tools in its arsenal Pierluigi Paganini April 17, 2025 China-linked APT group Mustang Panda deployed a new custom backdoor, MQsTTang,…
Ubuntu: aptitude > apt-* | Daniel Miessler
For those who use Ubuntu or Debian and still use apt-get and apt-cache search, you might want to start thinking about using aptitude instead. Two…