The Evolution of IT Security Defense Mechanisms In the fast-evolving landscape of cybersecurity, the traditional approach of focusing solely on detecting and responding to threats like malware, ransomware, and phishing attacks has been undergoing a notable shift. As cyber threats continue to grow in complexity and sophistication, there is a heightened awareness of the necessity…
FBI Disrupts Infrastructure of Ransomware Group Dispossessor The U.S. Federal Bureau of Investigation (FBI) recently made headlines by announcing its successful operation in disrupting the online infrastructure linked to a burgeoning ransomware group known as Dispossessor, also known by the name Radar. This significant endeavor involved the dismantling of key servers and criminal domains associated…
New Phishing Campaign Targets Ukrainian Computers The Computer Emergency Response Team of Ukraine (CERT-UA) has raised an alarm about a recent phishing campaign targeting Ukrainian computers. This malicious campaign pretends to be from the Security Service of Ukraine, but in reality, it is a cleverly disguised attempt to distribute malware that can grant remote desktop…
Severnokorejska skupina Kimsuky cilja na univerzitetne profesorje s sofisticiranimi phishing napadi Severnokorejska APT skupina Kimsuky izvaja globalne obveščevalne operacije že od leta 2012. Njihovi cilji vključujejo predvsem Južno Korejo, Združene države Amerike ter Evropo. Skupina začenja svoje operacije z vzpostavljanjem zaupanja prek elektronske pošte in nato dostavi zlonamerne priloge. Nedavna opozorila NSA in FBI izpostavljajo…
Phishing Attacks on the Rise: The AI Factor Phishing attacks have been on the rise in recent years, with a staggering 94 percent of businesses reporting being impacted by such attacks in 2023. This represents a 40 percent increase compared to the previous year, as revealed by research from Egress. But what is driving this…
The Hangover Arrives: Market Correction and Reassessment After a period of sustained exuberance, the IT industry is now facing a gentle hangover as the market corrects the share prices of major players such as Nvidia, Microsoft, and Google. This correction comes as a sobering moment for the industry, prompting players to reassess market conditions and…
Critical Security Flaws Discovered in Chinese Solar Management Platforms In a concerning revelation, cybersecurity researchers have uncovered critical security vulnerabilities in the photovoltaic system management platforms utilized by prominent Chinese companies Solarman and Deye. These vulnerabilities have the potential to be exploited by malicious actors, posing a significant threat to the stability of power grids…
FreeBSD Project Releases Security Updates for High-Severirty OpenSSH Vulnerability The FreeBSD Project has recently rolled out security updates to tackle a significant flaw found within OpenSSH. This flaw opens the door for potential attackers to remotely execute arbitrary code with elevated privileges, which is quite the nightmare for security professionals. The Details of the Vulnerability…
Security Vulnerabilities in Ewon Cosy+ Industrial Remote Access Solution Recently, security researchers uncovered vulnerabilities in the Ewon Cosy+ industrial remote access solution, shedding light on potential risks that could compromise the security of connected devices. These vulnerabilities provide a pathway for threat actors to exploit the system and gain root privileges, opening the door for…
V oktobru 2023 je bilo odkrito razširjeno kibernetsko grožnjo, imenovano Botnet 7777. Ta botnet vključuje približno 10.000 kompromitiranih usmerjevalnikov z odprtim TCP portom 7777, ki ga identificira banner “xlogin:”. Ti kompromitirani usmerjevalniki izvajajo nizko-volumske vztrajne napade s silo na Microsoft Azure in se učinkovito izogibajo zaznavi. Sprva je bilo sumljeno, da botnet cilja na VIP…