Why most zero-trust architectures fail at the traffic layer
What is often overlooked is how traffic enters and moves through the environment before those controls are applied. The traffic layer includes ingress paths, load…
Author: Cybernoz
Here’s to the Future | Huntress
When Chris Bisnett, John Ferrell, and I founded Huntress in 2015, our goal was simple: make a difference. We were a team of three with…
Canadian employees targeted in payroll pirate attacks
A financially motivated threat actor tracked as Storm-2755 is stealing Canadian employees’ salary payments after hijacking their accounts in payroll redirection (also known as payroll…
Google Launches Gmail End-to-End Encryption for Android and iOS
Google has officially rolled out End-to-End Encryption (E2EE) for the Gmail application on Android and iOS devices. This major update targets users utilizing Gmail client-side…
Your Push Notifications Aren’t Safe From the FBI
Amid horrific threats from United States president Donald Trump as the US and Iran negotiated a ceasefire, the US government warned this week that Iran-linked…
Google Locks Chrome Sessions to Devices to Stop Cookie Theft
Google has officially launched a major security upgrade to protect users from session hijacking. Starting with Chrome version 146 for Windows users, Device Bound Session…
Correlation Velocity and Organizational Risk in AI-Enabled OSINT
Every organization contends with digital exposure. Isolated data points reside across fragmented public sources, yet search engines, data brokers, and people-search aggregators weave this dispersed…
Apiiro CLI turns AI coding assistants into full-stack security engineers
The Apiiro CLI brings the Apiiro platform to your terminal and to your AI coding assistants, giving them six native security capabilities: scanning, risk management,…
Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based…
MITRE Releases Fight Fraud Framework
The non-profit MITRE Corporation on Thursday released a new framework to help organizations fight fraudsters. MITRE’s Fight Fraud Framework (MITRE F3) is a curated knowledge…
Here’s how to avoid a ‘second strike’
If you’ve been the victim of fraud, you’re likely already a lead on a ‘sucker list’ – and if you’re not careful, your ordeal may…
Hungarian government email passwords exposed ahead of election
When voters in the forthcoming Hungarian election assess the current government, its record on internet security will not be one of its proudest achievements. An…