From Alcatraz to Zero Trust: A Journey to RSA 2025 in San Francisco
During the winter months, the fog hangs heavy over San Francisco, mirroring the shroud of uncertainty that often accompanies discussions around cybersecurity. As I prepare…
Author: Cybernoz
Pastor who saw crypto project in his “dream” indicted for fraud
A pastor at a Pasco, Washington, church has been indicted on 26 counts of fraud for allegedly operating a cryptocurrency scam that defrauded investors of millions…
Phishing in 2024: Navigating the Persistent Threat and AI’s Double-Edged Sword
In 2024, phishing remains one of the most prevalent and dangerous cybersecurity threats. Despite advancements in technology and increased awareness, cybercriminals continue to exploit human…
Elevating Security: The Crucial Role of Effective API Management in Today’s Digital Landscape
In today’s digital landscape, the increasing reliance on Application Programming Interfaces (APIs) brings significant security challenges that organizations must address. The Salt Labs State of API…
How a researcher earned $100,000 hacking a Facebook server
How a researcher earned $100,000 hacking a Facebook server Pierluigi Paganini January 12, 2025 Facebook paid $100,000 to a researcher for discovering a bug that…
Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)Ivanti has fixed…
IBM watsonx.ai Vulnerability Let Attackers Embed Arbitrary JavaScript Code in Web UI
IBM disclosed a significant vulnerability in its watsonx.ai platform, potentially exposing users to cross-site scripting (XSS) attacks. The vulnerability, identified as CVE-2024-49785, affects both IBM…
DoJ charged three Russian citizens with operating crypto-mixing services
DoJ charged three Russian citizens with operating crypto-mixing services Pierluigi Paganini January 11, 2025 The U.S. Department of Justice charged three Russian citizens with operating…
Scammers file first — Get your IRS Identity Protection PIN now
The IRS relaunched its Identity Protection Personal Identification Number (IP PIN) program this week and all US taxpayers are encouraged to enroll for added security against…
Fake LDAPNightmware exploit on GitHub spreads infostealer malware
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server.…
Guardians Of the Grid – Cyber Defense Magazine
The surge in cyberattacks and the emerging role of Generative AI The importance of cyber security tools in protecting sensitive information, sustaining organization’s resilience and…
Fake CrowdStrike Recruiters Distribute Malware Via Phishing Emails
SUMMARY Phishing Scam Targets Job Seekers: Cybercriminals impersonate CrowdStrike recruiters to distribute cryptominer malware via fake job offers. Malware Delivery: Victims are tricked into downloading…