Introduction Recent reports indicate that the Iranian threat actor, known as TA455, has adapted tactics from a North Korean hacking group. This group has initiated its version of the Dream Job campaign, specifically targeting the aerospace industry by distributing fake job offers. This trend has been observed since September 2023 and poses a significant threat…
Microsoft recently revealed two critical security flaws concerning NT LAN Manager (NTLM) and Task Scheduler that are currently being actively exploited. These vulnerabilities are part of a broader release where Microsoft addressed a total of 90 security bugs during its November 2024 Patch Tuesday update. Among these, four vulnerabilities are labeled as Critical, while the…
Nova prevara z ribarjenjem se širi po Facebooku, kjer tarča uporabnikom grozi z izbrisom računa zaradi domnevno “neprimerne vsebine”. To ponarejeno obvestilo je zasnovano, da izkorišča strah uporabnikov pred izgubo dostopa do njihovih Facebook računov. Phishing napadi, kot je ta, predstavljajo resno grožnjo za varnost uporabnikov, še posebej v svetu, kjer je spletna zaščita vsak…
Cybersecurity Researchers Warn About GoIssue: A New Phishing Tool Targeting GitHub Users Cybersecurity researchers are raising alarms about a new tool known as GoIssue. This sophisticated program enables cybercriminals to send phishing messages at scale, specifically targeting GitHub users. Launched by a threat actor named cyberdluffy (also known as Cyber D' Luffy) on the Runion…
Nedavna objava na hekerskem forumu je dvignila alarm zaradi potencialne kršitve podatkov pri Finastri, enem vodilnih fintech podjetij na svetu, kar dodatno izpostavlja vprašanje kibernetske varnosti. Storilec, ki uporablja vzdevek “abyss0,” je prevzel odgovornost za kršitev in navedel, da je bilo iz sistemov Finastre odtujenih kar 400 GB stisnjenih podatkov novembra 2024. Podatki naj bi…
Cybersecurity researchers have revealed concerning security flaws in Citrix Virtual Apps and Desktop. These vulnerabilities could allow attackers to achieve unauthenticated remote code execution (RCE). According to recent findings from watchTowr, the issues mainly stem from the Session Recording component, which captures user activity, including keyboard and mouse inputs and video streams. Understanding these vulnerabilities…
Threat Actors Take Aim at Apple macOS Devices Threat actors with ties to the Democratic People's Republic of Korea (DPRK), also known as North Korea, have begun embedding malware within Flutter applications. This marks the first time this tactic has been used to target Apple macOS devices. The discovery was made by Jamf Threat Labs,…
The Evolution of Behavioral Analytics in Security Operations Behavioral analytics, long associated with threat detection—such as User and Entity Behavior Analytics (UEBA) or User Behavior Analytics (UBA)—is experiencing a renaissance. Once primarily used to identify suspicious activity, it is now being reimagined as a powerful post-detection technology that enhances incident response processes. By leveraging behavioral…
Understanding Ymir Ransomware Cybersecurity researchers have recently identified a new ransomware family called Ymir. This ransomware was deployed just two days after systems were initially compromised by a stealer malware known as RustyStealer. According to the Russian cybersecurity vendor Kaspersky, Ymir ransomware features a unique combination of tactics and technical elements that significantly enhance its…
Imagine this: the tools you trust to protect you online—your two-factor authentication, your car’s tech system, even your security software—are now silent allies for hackers. Sounds like a scene from a thriller, right? Yet in 2024, this isn’t fiction; it’s the new cyber reality. Today’s attackers have become increasingly sophisticated, using our trusted tools as…