Microsoft 365 in napredni varnostni ukrepi za boj proti phishingu Microsoft 365 uporablja Exchange Online Protection (EOP) in Microsoft Defender, da se učinkovito bori proti napadom s phishingom. Ti varnostni ukrepi vključujejo različne tehnike za zaščito uporabnikov pred zlonamernimi e-poštnimi sporočili. Ena izmed najnovejših funkcij je prvi varnostni nasvet o stiku v Outlooku, ki uporabnika…
Nevarne ranjivosti v Microsoftovih SQL Serverih ogrožajo varnost organizacij V zadnjih dneh je bila odkrita resna varnostna ranljivost v Microsoftovih SQL Serverih, ki so jo napadalci izkoristili za pridobivanje dostopa do podatkov in izvajanje neavtoriziranih akcij. Ranjivost je posledica nepravilnega upravljanja certifikatov in SSL (Secure Sockets Layer) povezav, kar je omogočilo dostop do občutljivih informacij…
The U.S. Department of Justice Charges Individual for Running a “Laptop Farm” for North Koreans The U.S. Department of Justice has made a move that seems straight out of a cyber-thriller novel: On Thursday, they charged a 38-year-old individual named Matthew Isaac Knoot from Nashville, Tennessee. The allegation? Knoot is suspected of running a “laptop…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) Warns of Threat Actors Exploiting Legacy Cisco Smart Install Feature The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning regarding threat actors exploiting the legacy Cisco Smart Install (SMI) feature to gain access to sensitive data. According to the agency, adversaries have been able…
Hunters International, kriminalna računalniška skupina, ki je pričela svojo dejavnost oktobra 2023, je v kratkem času postala ena največjih groženj v svetu računalniške varnosti. Samo v prvih sedmih mesecih leta 2024 je skupina izvedla osupljivih 134 kibernetskih napadov. Ogrožajoče je, da mnogi strokovnjaki menijo, da je skupina naslednik zloglasne grožnje Hive, zaradi podobnosti v njihovi…
Kimsuky Cyber Threat Group Targets University Staff The cybersecurity landscape is constantly evolving, with threat actors like Kimsuky always looking for new targets to exploit. Kimsuky, a threat actor linked to North Korea, has set its sights on university staff, researchers, and professors in its latest series of cyber attacks. These attacks are primarily aimed…
The New “0.0.0.0 Day” Vulnerability In the world of cybersecurity, researchers are always on the hunt for vulnerabilities that could potentially compromise systems. Recently, a new threat has emerged called the “0.0.0.0 Day” vulnerability. This vulnerability has caught the attention of experts as it impacts all major web browsers, making it a widespread and critical…
Automated Security Validation (ASV): A Ray of Hope in the Ocean of Cyber Risks In the ever-evolving landscape of IT security, Automated Security Validation (ASV) has emerged as a beacon of hope amidst the stormy sea of cyber risks. ASV offers a unique approach by providing organizations with the attacker’s perspective of potential vulnerabilities. This…
Clever Phishing Campaign Uses Google Drawings and WhatsApp Links for Cyberattacks In the constantly evolving landscape of cyber threats, researchers have uncovered a sophisticated phishing campaign that employs unconventional tactics to deceive users. This novel approach leverages popular platforms like Google Drawings and WhatsApp to orchestrate attacks that evade detection and lure unsuspecting individuals into…
Microsoft to Address Windows Update Vulnerabilities Microsoft recently announced that it is in the process of developing security updates to counter two vulnerabilities that could potentially be exploited for downgrading attacks on the Windows update framework. These vulnerabilities could allow threat actors to substitute newer versions of Windows files with older ones, posing a significant…