Whole Foods Elitism | Daniel Miessler
I like the way Whole Foods makes me feel, but I don’t like the fact that it makes me feel that way. It reeks of…
Author: Cybernoz
This month in security with Tony Anscombe – February 2025 edition
Ransomware payments trending down, the cyber-resilience gap facing SMBs, and APT groups embracing generative AI – it’s a wrap on another month filled with impactful…
RansomHub RaaS in Disarray After Affiliate Chat Access Suddenly Revoked
RansomHub, a leading Ransomware-as-a-Service (RaaS) group that emerged in early 2024, has found itself grappling with internal turmoil. The instability came to light on April…
U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini April 10, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux…
A Crazy Idea Regarding the Obama Administration and Security
I have a wicked crazy idea. What if we in the information security community were to organize a campaign to get level-headed, rational thinkers into…
Judges strike skeptical note of NSO Group’s argument to dismiss case from El Salvadoran journos
A panel of U.S. judges considering an appeal of a ruling that went against El Salvadoran journalists suing NSO Group over alleged infections of their…
Bernhard Schölkopf: Is AI intelligent?
With AI’s pattern recognition capabilities well-established, Mr. Schölkopf’s talk shifts the focus to a pressing question: what will be the next great leap for AI?…
Hackers exploit WordPress plugin auth bypass hours after disclosure
Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure. Users are strongly…
A Seven‑Year‑Old Cisco Flaw Now Lets Hackers Execute Code Remotely on Network Gear
A Cisco’s Smart Install protocol (CVE-2018-0171), first patched in 2018, remains a pervasive threat to global network infrastructure due to widespread misconfigurations and exploitation by…
Entering the “Cloud Security” Fray
I’ve not spent a lot of time thinking about this, but here’s how the CloudSec variables move in my mind. The current state of Security…
Infostealer shakeup, new attack vector for mobile, and Nomani
Big shifts in the infostealer scene, novel attack vector against iOS and Android, and a massive surge in investment scams on social media 28 Feb…
GOFFEE Deploys PowerModul in Coordinated Strikes on Government and Energy Networks
The threat actor known as GOFFEE has launched a series of targeted attacks against critical sectors within the Russian Federation, utilizing advanced malware and phishing…