Deep Dive into Automated Security Testing Tools
Data breaches cost businesses globally an average of $4.88 million, according to IBM, but it doesn’t have to be that way. Security testing has become…
Author: Cybernoz
Pro-Iranian Hacktivists Targeting US Networks Department of Homeland Security Warns
The Department of Homeland Security has issued a critical advisory warning of escalating cyber threats from pro-Iranian hacktivist groups targeting United States networks, as tensions…
NCSC Warns of SHOE RACK Malware Targeting Fortinet Firewalls via DOH & SSH Protocols
The National Cyber Security Centre (NCSC) has issued a critical alert regarding a newly identified malware, dubbed SHOE RACK, which has been observed targeting Fortinet…
Trojanized SonicWall NetExtender app exfiltrates VPN credentials
Unknown attackers have trojanized SonicWall’s SSL-VPN NetExtender application, the company has warned on Monday, and have been tricking users into downloading it from a lookalike…
The CTEM Conversation We All Need
Jun 24, 2025Ravie LakshmananThreat Exposure Management I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And…
Weaponized DMV-Themed Phishing Attacking U.S. Citizens to Harvest Personal and Financial Data
A sophisticated phishing campaign emerged in May 2025, targeting U.S. citizens through a coordinated impersonation of state Department of Motor Vehicles (DMV) agencies. This large-scale…
Critical Convoy Flaw Allows Remote Code Execution on Servers
Credential Abuse Unmasked Credential abuse is #1 attack vector in web and API breaches today (Verizon DBIR 2025). Join our live, 15-min attack simulation with…
One year since being freed, Julian Assange still a victim of state secrecy
It is one year since WikiLeaks founder Julian Assange became a free man again. When he addressed the Council of Europe last October, he was…
Africa Faces A Digital Sextortion Crisis As Numbers Surge
A continent-wide takedown of 63,000 Instagram accounts in Nigeria in mid-2024 has spotlighted one of Africa’s fastest growing cyber threats: digital sextortion. The figure, disclosed…
Sophisticated Malware Campaign Targets WordPress and WooCommerce Sites with Obfuscated Skimmers
A sophisticated malware campaign has emerged targeting WordPress and WooCommerce websites with highly obfuscated credit card skimmers and credential theft capabilities, representing a significant escalation…
OPPO Clone Phone Vulnerability Leaks Sensitive Data via Weak WiFi Hotspot
A newly disclosed security vulnerability in OPPO’s widely used Clone Phone app has raised significant concerns over user privacy, as it exposes sensitive data through…
Hackers Exploit Misconfigured Docker APIs to Mine Cryptocurrency via Tor Network
Jun 24, 2025Ravie LakshmananCloud Security / Cryptojacking Misconfigured Docker instances are the target of a campaign that employs the Tor anonymity network to stealthily mine…