Understanding GodLoader Malware Campaign Targeting Godot Engine The Godot Engine, a popular open-source game development platform, has been exploited in a recent malware campaign known as GodLoader. Since June 2024, over 17,000 systems have been impacted. Cybercriminals have misused this game engine to execute harmful GDScript code. This code triggers malicious commands, delivering malware to…
T-Mobile Detects Attempts to Breach Its Systems In recent weeks, T-Mobile detected attempts made by bad actors to infiltrate its systems. Fortunately, the U.S. telecom service provider stated that no sensitive data was accessed during these intrusion attempts. Jeff Simon, T-Mobile's chief security officer, confirmed that these attempts originated from a wireline provider's network connected…
Kršitev kibernetske varnosti, ki je po poročilih razkrila več kot 800.000 zapisov, je sprožila resne pomisleke glede varnosti osebnih in finančnih podatkov, ki jih hrani podjetje. Kibernetska varnost v današnjem svetu postaja vse bolj pomembna, še posebej ob takih incidentih. Po poročanjih naj bi razkriti podatki vsebovali imena, e-poštne naslove in druge občutljive informacije uporabnikov,…
Critical Security Flaw in ProjectSend: What You Need to Know A critical security flaw in the ProjectSend open-source file-sharing application has potentially been exploited. This vulnerability was identified by VulnCheck, raising concerns for users and developers alike. The issue initially received a patch over a year and a half ago, as part of a commit…
Understanding the Bootkitty: A Revolutionary UEFI Bootkit for Linux Recent discoveries in cybersecurity have revealed a groundbreaking threat: the Bootkitty, the first Unified Extensible Firmware Interface (UEFI) bootkit specifically designed for Linux systems. This troubling development was created by a group known as BlackCat. Although researchers describe Bootkitty as a proof-of-concept (PoC), there’s currently no…
Understanding Multi-Stage Cyber Attacks Multi-stage cyber attacks are becoming more common in today's digital landscape. These attacks involve a series of steps designed to bypass security measures and ensure that victims do not realize they are under threat. By understanding how these attacks work, we can better defend against them. What Are Multi-Stage Cyber Attacks?…
Understanding Bootkitty: The First Linux UEFI Bootkit Cybersecurity researchers have recently disclosed important findings about Bootkitty, a groundbreaking UEFI bootkit specifically designed for Linux systems. This bootkit, created by a group calling itself BlackCat, is noted as the first of its kind. Although currently assessed as a proof-of-concept (PoC), it has not yet been observed…
APT-C-60 Cyber Attack: A Closer Look APT-C-60 has emerged as a significant threat actor in recent cyber attacks, notably targeting an organization in Japan. This attack utilized a job application-themed lure to deliver the SpyGlace backdoor, raising alarms across the cybersecurity community. According to findings from JPCERT/CC, the incident occurred around August 2024. Incident Overview…
INTERPOL's Serengeti Operation: A Major Blow to Cybercrime in Africa In late 2024, INTERPOL launched an unprecedented operation named Serengeti, resulting in the arrest of 1,006 suspects across 19 African nations. This significant effort aimed to disrupt various cybercrime activities, including ransomware attacks and business email compromise schemes. In total, law enforcement agencies dismantled an…
Matrix Botnet Targets IoT Vulnerabilities A threat actor known as Matrix is behind a significant distributed denial-of-service (DoS) campaign targeting Internet of Things (IoT) devices. By exploiting vulnerabilities and misconfigurations, Matrix has successfully co-opted these devices to create a disruptive botnet. This operation has become a one-stop shop for scanning, exploiting weaknesses, deploying malware, and…