admin

Corona Mirai Botnet Exploits Zero-Day to Recruit New Bots

The RCE vulnerability CVE-2024-7029 in AVTECH IP camera devices allows attackers to remotely execute commands with elevated privileges, which can be used to spread a Mirai variant to the target system. CISA issued an ICS advisory for this vulnerability because of the low attack complexity and known public exploitation. The botnet campaign exploits various vulnerabilities, including the AVTECH vulnerabilities, Hadoop YARN…

RansomHub Ransomware Group Strikes 210 Victims in Key Industries

RansomHub Ransomware Group Strikes 210 Victims. Recently, threat actors associated with the notorious RansomHub ransomware group have left a trail of havoc by encrypting and exfiltrating data from a staggering 210 victims. The group sprouted its nefarious activities back in February 2024, cunningly targeting entities across different sectors. From water and wastewater to government services,…

How Entrust Helps Organizations Comply with the NIS 2 Directive

The European Union recently adopted the second version of the Directive on the security of network and information systems, known as NIS 2. This new directive sets higher cybersecurity standards for a wide range of organizations in the EU. With the implementation deadline in October 2024, many organizations are wondering how best to meet these new requirements. This is where Entrust comes in with its comprehensive solutions…

Webinar: Enhancing Cybersecurity with AI-Driven Vulnerability Management

The Role of Artificial Intelligence in Revolutionizing Vulnerability Management. In the ever-evolving world of cybersecurity, staying ahead of the game is crucial. With new vulnerabilities surfacing daily and cyber attackers continually upping their game, security leaders are constantly on the lookout for innovative solutions to bolster their defenses. This is where Artificial Intelligence (AI) steps…

Operation DevilTiger: 0-Day Exploitation Tactics of APT Hackers Revealed

APT-Q-12 uses complex techniques to collect data and carry out tailored attacks. The threat group known as APT-Q-12 is upgrading its data-collection methods by using advanced lines of attack vectors and techniques tailored specifically for it. One of the techniques the group uses is periodic email checks with varying content. With these techniques they can gather information about user…

NPM Package Impersonating ‘noblox.js’ Virus Targets Roblox Creators

Roblox Developers Targeted by Malicious npm Packages. In a recent cyber threat, Roblox developers have fallen victim to a relentless campaign aimed at infiltrating systems through fake npm packages. This occurrence highlights a recurring trend where malicious actors exploit trust within the open-source community to distribute malware efficiently. The Mimicry Strategy: The attackers behind this…

Gmail Users, Beware: AutoIT Malware Is Stealing Your Login Credentials.

Researchers have discovered a new type of threat in the form of an executable compiled with AutoIT that specifically targets Gmail accounts. The program contains a range of functions designed to steal passwords, evade detection, and establish persistence on the infected system. The malware targets Gmail login pages in popular web browsers, including Microsoft Edge,…

Bolster Your IT Security: Unveiling the Latest North Korean Hack with FudModule Rootkit and Chrome Zero-Day Exploit

Google Chrome Security Flaw Exploited by North Korean Actors. A security flaw in Google Chrome and other Chromium-based web browsers, which was recently patched, was exploited as a zero-day vulnerability by North Korean actors. These malicious actors leveraged the vulnerability in a campaign aimed at distributing the FudModule rootkit. This incident highlights the ongoing and…
