Vulnerability Management (VM) is a vital aspect of organizational cybersecurity. It helps organizations identify and fix security issues before they escalate into serious threats. While Vulnerability Management has served as a fundamental approach for many years, the limitations of this method are becoming clear. In today’s rapidly changing cyber landscape, it’s essential to adapt and…
Cybersecurity Alert: Major U.S. Organization Targeted by Chinese Threat Actor A suspected Chinese threat actor targeted a large U.S. organization earlier this year in a significant cybersecurity intrusion. According to Symantec, a Broadcom subsidiary, the first signs of this malicious activity were detected on April 11, 2024, and the attack persisted for four months, concluding…
MirrorFace: A New Spear-Phishing Campaign Targeting Japan In June 2024, a China-linked threat actor known as MirrorFace launched a spear-phishing campaign primarily targeting individuals and organizations in Japan. This campaign has raised concerns due to its focus on delivering malicious backdoors such as NOOPDOOR (also known as HiddenFace) and ANEL (also known as UPPERCUT). According…
Security Flaws Identified in Zyxel, North Grid Proself, ProjectSend, and CyberPanel: What You Need to Know The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added several critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These flaws affect products from companies like Zyxel, North Grid Proself, ProjectSend, and CyberPanel. This alarming news indicates that…
The U.K. National Crime Agency (NCA) has taken significant action to combat Russian money laundering networks. These networks are known to support serious and organized crime across various regions, including the U.K., the Middle East, Russia, and South America. The operation was officially disclosed on Wednesday and is part of a larger ongoing effort to…
## Cyber Security: Razumevanje Android Malware in Trojan Horse ### Kaj je Android.FakeApp.1669? Android.FakeApp.1669 je unikaten trojanski konj, ki izkorišča spremenjeno knjižnico dnsjava. Ta trojanski konj pridobiva zlonamerne povezave s specifičnih [DNS strežnikov](https://cyberpress.org/secshow-hackers-exploiting-open-dns-resolvers-to-attack-organization/), ko se poveže z določenimi internetnimi operaterji. Značilnost, zaradi katere je ta zlonamerna programska oprema tako nevarna, je ta, da ostaja v…
Turla's Infiltration of Storm-0156: A New Threat Landscape The Russia-linked advanced persistent threat (APT) group known as Turla has recently made headlines due to its involvement in a previously undocumented campaign. Since 2022, Turla has infiltrated the command-and-control (C2) servers of a Pakistan-based hacking group called Storm-0156. This activity first came to light in December…
Transitioning to Cloud: Understanding Risks and Benefits Are you using the cloud or thinking about making the switch? Multi-cloud and hybrid environments present many advantages for organizations. However, while the cloud offers incredible flexibility, scalability, and efficiency, it also introduces significant risks. One major risk is the expanded attack surface. The decentralization that comes with…
Europol recently announced a significant operation targeting an invite-only encrypted messaging service known as MATRIX. This platform was developed by criminals for criminal activities. The joint initiative, dubbed Operation Passionflower, was spearheaded by French and Dutch authorities following an investigation that began in 2021. This investigation was prompted by the discovery of the MATRIX app…
Cybersecurity Alert: Malicious Software Supply Chain Attack on @solana/web3.js Cybersecurity researchers have raised concerns over a software supply chain attack targeting the popular @solana/web3.js npm library. This attack involved pushing two malicious versions of the software that were designed to harvest users' private keys. The ultimate goal was to drain users' cryptocurrency wallets. The compromised…