There Are Plenty of Phish in The Sea: Here’s How to Avoid Them
When was the last time you revisited your organization’s email security practices? Is your current software up to the task of defending your data against…
Author: Cybernoz
Cisco Discloses Data Breach Exposed User Profiles from Cisco.com
Cisco Systems has disclosed a data breach that compromised basic profile information of users registered on Cisco.com following a successful voice phishing attack targeting one…
North Korean Hackers Weaponizing NPM Packages to Steal Cryptocurrency and Sensitive Data
A sophisticated North Korean cryptocurrency theft campaign has resurfaced with renewed vigor, weaponizing twelve malicious NPM packages to target developers and steal digital assets. The…
APT36 Targets Indian Government: Credential Theft Campaign Uncovered
A sophisticated phishing campaign attributed with medium confidence to the Pakistan-linked APT36 group, also known as Transparent Tribe or Mythic Leopard, has been uncovered targeting…
Cisco discloses data breach impacting Cisco.com user accounts
Cisco has disclosed that cybercriminals stole the basic profile information of users registered on Cisco.com following a voice phishing (vishing) attack that targeted a company…
Kimsuky APT Hackers Weaponizing LNK Files to Deploy Reflective Malware Bypassing Windows Defender
North Korean state-sponsored cyber-espionage group Kimsuky has unveiled a sophisticated new campaign targeting South Korean entities through malicious Windows shortcut (LNK) files, demonstrating the group’s…
North Korean Hackers Exploit NPM Packages to Steal cryptocurrency and Sensitive Data
Veracode Threat Research has uncovered a sophisticated North Korean cryptocurrency theft operation that continues to evolve, building on campaigns previously reported in February and June…
Discord CDN Link Abused to Deliver RAT Disguised as OneDrive File
In a new threat discovered by cybersecurity firm Sublime Security, which was observed on the Microsoft 365 email platform, hackers are using a clever malware…
The Costly Confusion Behind Security Risks
In SaaS security conversations, “misconfiguration” and “vulnerability” are often used interchangeably. But they’re not the same thing. And misunderstanding that distinction can quietly create real…
The Cost of Data Blindness
Exposed Without a Breach: The Cost of Data Blindness Pierluigi Paganini August 05, 2025 These are in plain sight without a Breach. No ransomware. No…
SonicWall urges admins to disable SSLVPN amid rising attacks
SonicWall has warned customers to disable SSLVPN services due to ransomware gangs potentially exploiting an unknown security vulnerability in SonicWall Gen 7 firewalls to breach…
Hackers Can Steal IIS Machine Keys by Exploit SharePoint Deserialization Vulnerability
A sophisticated attack method where hackers are exploiting a deserialization vulnerability in SharePoint to steal Internet Information Services (IIS) Machine Keys. This enables attackers to…