Hackers are knocking on office doors pretending to be IT staff
The Silent Ransom Group (SRG) is targeting law firms using social engineering techniques and an unusual tactic for cybercriminals: showing up at victims’ offices in…
Author: Cybernoz
Kali365 phishing kit bypasses MFA and steals Microsoft logins
When the Federal Bureau of Investigation (FBI) publishes a dedicated public service announcement about a new phishing kit, it’s worth paying attention to. The agency…
UK has ‘narrowing window’ to stay ahead of tech threats, says GCHQ chief Keast-Butler
The UK and its allies have only a “narrowing window” to stay ahead of technology threats from Russia and China, the head of the UK’s…
Australian cyber teams test data security controls after Court transcriptions offshored
The Federal Court of Australia has brought in CyberCX to test data and security controls of the technical platform used for transcriptions after some of…
Vulnerability in Popular Conference Software Granted Attackers a 100% Talk Acceptance Rate
Researchers at Novee Security have disclosed a high-severity vulnerability in Pretalx, an open source platform that powers the call-for-papers (CFP) and scheduling processes for many…
The LA Metro Attack Wasn’t Hacktivism. It Was a State Operation With a Costume On.
The LA Metro Attack Wasn’t Hacktivism. It Was a State Operation With a Costume On. Pierluigi Paganini May 27, 2026 Iran’s “hacktivist” group Ababil of…
CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain
CrowdStrike has dismantled the Glassworm botnet in an operation aided by Google and Shadowserver, stripping the operators’ access to infrastructure that helped threat actors infect…
The NSA, ‘Mythos’ and the quiet emergence of AI cyber doctrine
I remember when cyber operations lived inside scripts. They moved into frameworks, then into automated pipelines, then into what we somewhat optimistically called orchestration. Each…
Texas HB 3834 Cyber Security Awareness Training Requirements
Did you know that Texas passed a new regulation for state employees to participate in a mandatory cyber security awareness training program? In June of…
FBI warns of in-person data theft attacks from extortion gang
The FBI warned on Tuesday that the Silent Ransom Group (SRG) extortion gang is now targeting U.S.-based law firms in in-person data theft attacks. “As…
ROADtools Misused in Cloud Attacks to Steal Tokens and Bypass MFA Controls
A well-known open-source security framework called ROADtools has been turned against the organizations it was originally built to protect. Once a legitimate red-teaming tool, attackers…
Most Organisations Can’t See Their AI Traffic and Attackers Are Already Exploiting That
A new report released today by Check Point Software lays out in stark terms how far enterprise security architecture has fallen behind AI adoption and…