“In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the organization’s connected…
Aug 07, 2025Ravie LakshmananNetwork Security / Vulnerability SonicWall has revealed that the recent spike in activity targeting its Gen 7 and newer firewalls with SSL…
US president Donald Trump has announced 100% tariffs on semiconductors imported into the US, unless firms make substantial commitments to build out US-based manufacturing. In…
Hacker Summer Camp Once more, hackers have descended onto Vegas for our annual Hacker Summer Camp pilgrimage. I hope you enjoy the talks, meet some…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an urgent analysis in early July 2025, detailing a sophisticated exploit chain targeting on-premises Microsoft SharePoint…
Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting developers integrating with the WhatsApp Business API. Two malicious npm packages, naya-flore and…
Cybersecurity researchers at SafeBreach Labs have uncovered a new kind of cyberattack that starts with something as ordinary as a Google Calendar invitation. According to…
Aug 07, 2025Ravie LakshmananVulnerability / Threat Intelligence Cybersecurity researchers have disclosed multiple security flaws in video surveillance products from Axis Communications that, if successfully exploited,…
US president Donald Trump has announced 100% tariffs on semiconductors imported into the US, unless firms make substantial commitments to build out US-based manufacturing. In…
A sophisticated new attack technique called “Ghost Calls” exploits web conferencing platforms to establish covert command and control (C2) channels. Presented by Adam Crosser from…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding an exploitation chain dubbed “ToolShell” targeting on-premises Microsoft SharePoint servers. It leverages…
Cybersecurity researchers at SafeBreach Labs have uncovered a new kind of cyberattack that starts with something as ordinary as a Google Calendar invitation. According to…
![[tl;dr sec] #291 - Build a GuardDuty Triage Agent, Scaling Netflix's Threat Detection Pipelines, Claude for Security Review](https://image.cybernoz.com/wp-content/uploads/2025/08/tldr-sec-291-Build-a-GuardDuty-Triage-Agent-Scaling.png)
