Omenjena izpustitev, ki naj bi vključevala najnovejše popravke in posodobitve Rockstar Games, je povzročila veliko zaskrbljenost v igričarski skupnosti. Skrbi so se pojavile zaradi morebitne zlorabe izvorne kode s strani hekerjev in razvijalcev goljufij. Ta incident predstavlja resno težavo v okviru cyber varnosti, ki se razvija na hekerskih forumih. Podrobnosti o domnevni izpustitvi izvorne kode…
Influence Operations Targeting Ukraine: The Role of AI and Social Design Agency A Moscow-based company sanctioned by the U.S. earlier this year has been linked to yet another influence operation designed to turn public opinion against Ukraine and erode Western support since at least December 2023. This campaign, executed by the Social Design Agency (SDA),…
The lines between digital and physical realms increasingly blur, creating both opportunities and challenges for businesses. In our recent webinar, we delved into the topic of the cyber-physical future. This area promises to evolve significantly by 2025. Our discussion centered around key trends, challenges, and opportunities that will shape this evolving landscape. Understanding the Cyber-Physical…
Microsoft Addresses Security Flaws in AI and Cloud Services Microsoft recently took action by addressing four significant security vulnerabilities that affect its artificial intelligence (AI), cloud, enterprise resource planning (ERP), and Partner Center solutions. These flaws have raised concerns, especially one that is actively being exploited in the wild. The vulnerabilities, particularly CVE-2024-49035, which has…
Understanding the Threat: Rockstar 2FA Phishing-as-a-Service Toolkit Cybersecurity researchers have raised alarms about a new phishing threat known as Rockstar 2FA. This phishing-as-a-service (PhaaS) toolkit targets Microsoft 365 users. By using Rockstar 2FA, attackers aim to steal valuable account credentials, even from those who have multi-factor authentication (MFA) enabled. What is Phishing-as-a-Service (PhaaS)? PhaaS is…
U.S. Citizen Sentenced for Spying for China A 59-year-old U.S. citizen from Wesley Chapel, Florida, has been sentenced to four years in prison for conspiring to spy for the People's Republic of China (PRC). The case of Ping Li highlights critical concerns about national security and the risks posed by espionage activities. Background on the…
Kršitev, ki je domnevno prišla do javnosti novembra 2024, je zahteval grožnja akter, znan kot “888”. Ta incident je sprožil skrbi glede varnosti podatkov strank v energetskem sektorju, kar je ključna tema, povezana s kibernetsko varnostjo, hekerji in zaščito podatkov. Podrobnosti kršitve Po poročilih ThreatMon naj bi heker, odgovoren za kršitev, dostopal do širokega spektra…
Security Vulnerabilities in Advantech EKI Wireless Access Points Recently, nearly two dozen significant security vulnerabilities were disclosed in Advantech EKI industrial-grade wireless access point devices. These vulnerabilities pose substantial risks, as they allow unauthenticated remote code execution with root privileges. When exploited, attackers can bypass authentication and execute code, fully compromising the confidentiality and integrity…
Software Supply Chain Attack: A Comprehensive Look at @0xengine/xmlrpc Cybersecurity researchers have uncovered a concerning software supply chain attack within the npm package registry. This vulnerability began with an innocent-looking library, @0xengine/xmlrpc, which was first published on October 2, 2023. This JavaScript-based XML-RPC library initially offered harmless functionality. However, it later added malicious code that…
Understanding Serverless Environments Serverless environments, particularly those utilizing services like AWS Lambda, offer numerous benefits, including scalability and lower operational costs. However, as organizations shift to these models, they encounter significant challenges in securing their applications. This blog post will explore serverless security practices, focusing on two crucial components: log monitoring and static analysis. The…