Iranian MOIS Actors & the Cyber Crime Connection
Key Points Iran-linked actors are increasingly engaging with the cyber crime ecosystem. Their activity suggests a growing reliance on criminal tools, services, and operational models…
Author: Cybernoz
Top Cyber Threat Trends of 2025 from Deepfakes, ClickFix, and ViewState Exploits
Cloudflare Turnstile challenges leading to MetaStealer. Deepfake meetings impersonating company executives, which trick employees into downloading malicious extensions. Exposed ASP.NET machine keys that open the…
Ivanti Desktop and Server Management Vulnerability Allows Attackers to Escalate Privileges
Ivanti has issued a security update for its Desktop and Server Management (DSM) software, addressing a high-severity vulnerability that could allow a local authenticated attacker…
Microsoft Patch Tuesday, March 2026 Edition – Krebs on Security
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing “zero-day”…
Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs
Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs Pierluigi Paganini March 10, 2026 Microsoft Patch Tuesday security updates for March 2026 addressed…
March Patch Tuesday: Three high severity holes in Microsoft Office
Satnam Narang, senior staff research engineer at Tenable, commented on the fix for Azure Model Context Protocol (MCP) tools. “This bug is a server-side request…
Build a Stronger Security Awareness Program with Huntress
One of the most effective ways to stop a cyberattack is to implement a security awareness training program. Every employee, from the C-suite to the…
New ‘BlackSanta’ EDR killer spotted targeting HR departments
For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta. Described as…
OpenAI to Acquire Promptfoo to Fix Vulnerabilities in AI Systems
OpenAI Acquire Promptfoo OpenAI has announced its acquisition of Promptfoo, an artificial intelligence security platform designed to help enterprises find and fix vulnerabilities during development.…
Re(AI)magining Melbourne: Persistent accelerates Australia’s enterprise AI momentum
Melbourne, Australia — Despite growing interest and investment in AI, Australian enterprises struggle to scale 80% of AI pilots, a failure rate twice that of…
Why Law Firm Breaches Destroy More than Data
In the wake of the Salesforce/Gainsight breach (kudos to Salesforce for transparently sharing indicators of compromise and updated progress on remediation), third-party cyber and exposure…
Ditch Lame Cybersecurity Tips: These Best Practices Actually Work
For years, we’ve heard the same advice on how to unlock higher levels of cybersecurity greatness. We’re here to tell you that these well-meaning cybersecurity…