Forward-thinking CISOs are shining a light on shadow IT
In this Help Net Security interview, Curtis Simpson, CISO and Chief Advocacy Officer at Armis, discusses how CISOs can balance security and innovation while managing…
Author: Cybernoz
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Apr 04, 2025Ravie LakshmananMalware / Vulnerability Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure that has come under active…
Getting Worried About Linux | Daniel Miessler
So I’m getting a little freaked out lately. I keep hearing that both the Gentoo and Debian projects are in trouble. I haven’t researched how…
Apache Traffic Server Flaw Allows Request Smuggling Attacks
A critical vulnerability has been discovered in Apache Traffic Server (ATS), an open-source caching proxy server. Identified as CVE-2024-53868, this flaw enables attackers to exploit request…
April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft
Microsoft is continuing to build on their AI cybersecurity strategy and this month announced the introduction of new agents in Microsoft Security Copilot. They are…
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
Apr 04, 2025Ravie LakshmananVulnerability / Cloud Security A maximum severity security vulnerability has been disclosed in Apache Parquet’s Java Library that, if successfully exploited, could…
A Hacker Is A Criminal
A Hacker is a bad guy—someone trying to break into computers with the intent of causing harm. Don’t argue with it, and stop fighting it.…
OpenVPN Flaw Allows Attackers Crash Servers and Run Remote Code
OpenVPN, a widely-used open-source virtual private network (VPN) software, has recently patched a security vulnerability that could allow attackers to crash servers and potentially execute…
Connected cars drive into a cybersecurity crisis
Technology has entered all areas of life, and our cars are no exception. They have become computers on wheels, equipped with sensors, software, and connectivity…
CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware
Apr 04, 2025Ravie LakshmananCritical Infrastructure / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that no less than three cyber attacks were…
What Mail Server Do The Fortune 100 Companies Use?
Ever wonder what mail servers the top U.S. companies run? I found myself wondering what the top universities used a while back, and I just…
DMZs: NATing vs. Using Public Addresses
Here’s a snip from a forum question that I’m getting ready to write a little piece on. My response is crude, but my next version…