Brute-force attacks target Apache Tomcat management panels
A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online. Tomcat is a popular open-source web…
Author: Cybernoz
Windows Common Log File System Driver Flaw Allows Attackers to Escalate Privileges
Microsoft addressed a critical security flaw (CVE-2025-32713) in the Windows Common Log File System (CLFS) driver during its June 2025 Patch Tuesday. The heap-based buffer…
ConnectWise is rotating code signing certificates. What happened?
Connectwise customers who use the company’s ScreenConnect, Automate, and ConnectWise RMM solutions are urged to update all agents and/or validate that the update has been…
West Brom Building Society project to meet customers’ digital demands
West Brom Building Society is embarking on a three-stage project to build the digital capabilities its customers want. The organisation, which offers mortgages and savings…
How AI agents could revolutionize the SOC — with human help
Listen to the article 8 min This audio is auto-generated. Please let us know if you have feedback. NATIONAL HARBOR, Md. — Artificial intelligence is poised…
Operation Secure disrupts global infostealer malware operations
An international law enforcement action codenamed “Operation Secure” targeted infostealer malware infrastructure in a massive crackdown across 26 countries, resulting in 32 arrests, data seizures,…
Windows Task Scheduler Flaw Allows Attackers to Escalate Privileges
A critical elevation of privilege vulnerability has been identified in the Windows Task Scheduler service, tracked as CVE-2025-33067. Officially published on June 10, 2025, by…
SpecterOps Privilege Zones enables security teams to define logical access boundaries
SpecterOps introduced Privilege Zones, a new addition to its flagship BloodHound Enterprise platform. Privilege Zones enable teams to define custom security boundaries around business-critical resources…
Government using national security as ‘smokescreen’ in Apple encryption row
The government is using national security as a “smokescreen” to refuse to disclose how many technical capability notices (TCNs) it has issued to telecoms and…
Microsoft fixes unreachable Windows Server domain controllers
Microsoft has resolved a known issue that caused some Windows Server 2025 domain controllers to become unreachable after a restart and triggered app or service…
Modernizing Critical Infrastructure Security to Meet Today’s Threats
Ransomware attacks are no longer just a cybersecurity concern – they are a direct threat to national security. A recent study found that among organizations hit by…
Multiple Microsoft Office Vulnerabilities Enable Remote Code Execution by Attackers
Microsoft has disclosed four critical remote code execution (RCE) vulnerabilities in its Office suite as part of the June 2025 Patch Tuesday updates, posing significant…