OPPO Clone Phone Weak WiFi Hotspot Exposes Sensitive Data
A critical security vulnerability has been discovered in OPPO’s Clone Phone feature that could expose sensitive user data through inadequately secured WiFi hotspots. The vulnerability,…
Author: Cybernoz
Trends in Ransomware Attacks in Q3, 2024
In the latest Q3 Ransomware Report from our team at Cyberint – a Check Point Software company and a leading voice in external cyber-risk management…
Zimbra Classic Web Client Vulnerability Allows Arbitrary JavaScript Execution
A critical security flaw has been discovered and patched in the Zimbra Collaboration Suite (ZCS) Classic Web Client, exposing millions of business users to the…
Deep Dive into Automated Security Testing Tools
Data breaches cost businesses globally an average of $4.88 million, according to IBM, but it doesn’t have to be that way. Security testing has become…
Pro-Iranian Hacktivists Targeting US Networks Department of Homeland Security Warns
The Department of Homeland Security has issued a critical advisory warning of escalating cyber threats from pro-Iranian hacktivist groups targeting United States networks, as tensions…
NCSC Warns of SHOE RACK Malware Targeting Fortinet Firewalls via DOH & SSH Protocols
The National Cyber Security Centre (NCSC) has issued a critical alert regarding a newly identified malware, dubbed SHOE RACK, which has been observed targeting Fortinet…
Trojanized SonicWall NetExtender app exfiltrates VPN credentials
Unknown attackers have trojanized SonicWall’s SSL-VPN NetExtender application, the company has warned on Monday, and have been tricking users into downloading it from a lookalike…
The CTEM Conversation We All Need
Jun 24, 2025Ravie LakshmananThreat Exposure Management I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And…
Weaponized DMV-Themed Phishing Attacking U.S. Citizens to Harvest Personal and Financial Data
A sophisticated phishing campaign emerged in May 2025, targeting U.S. citizens through a coordinated impersonation of state Department of Motor Vehicles (DMV) agencies. This large-scale…
Critical Convoy Flaw Allows Remote Code Execution on Servers
Credential Abuse Unmasked Credential abuse is #1 attack vector in web and API breaches today (Verizon DBIR 2025). Join our live, 15-min attack simulation with…
One year since being freed, Julian Assange still a victim of state secrecy
It is one year since WikiLeaks founder Julian Assange became a free man again. When he addressed the Council of Europe last October, he was…
Africa Faces A Digital Sextortion Crisis As Numbers Surge
A continent-wide takedown of 63,000 Instagram accounts in Nigeria in mid-2024 has spotlighted one of Africa’s fastest growing cyber threats: digital sextortion. The figure, disclosed…