Understanding the Patchwork Threat Actor News has emerged linking the threat actor Patchwork to a recent cyber attack aimed at organizations associated with Bhutan. This attack was executed to distribute the Brute Ratel C4 framework and an enhanced version of a backdoor known as PGoShell. What makes this incident significant is that Patchwork was observed…
Uvod v NIS2 direktivo NIS2 direktiva, ki je bila sprejeta s strani Evropske unije, predstavlja pomemben korak k izboljšanju kibernetske varnosti v Evropi. Namenjena je zaščiti omrežij in informacijskih sistemov pred naraščajočimi grožnjami, ki izhajajo iz digitalizacije in povezanosti. Z naraščajočim številom kibernetskih napadov, ki ciljajo na kritično infrastrukturo in podjetja, je NIS2 postala nujna…
CrowdStrike Blames Validation Issue for Windows Device Crashes Cybersecurity firm CrowdStrike faced a crisis when millions of Windows devices crashed due to an issue in its validation system, leading to a significant outage. The incident occurred on Friday, July 19, 2024, at 04:09 UTC, during a routine operation. CrowdStrike deployed an update for the Windows…
Two Security Flaws Added to CISA’s Known Exploited Vulnerabilities Catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently made an important update by adding two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These additions were made based on evidence that these vulnerabilities are actively being exploited in the wild. Let’s delve into the…
Exploited Security Flaw in Microsoft Defender SmartScreen Recently, a security flaw in Microsoft Defender SmartScreen was utilized by cybercriminals in a new campaign aimed at spreading information stealers like ACR Stealer, Lumma, and Meduza. The campaign was detected by Fortinet FortiGuard Labs, with a specific focus on countries such as Spain, Thailand, and the U.S….
Kibernetski kriminalci izkoristijo nedotakljivost emotikonskih simbolov V zadnjem času so kibernetski kriminalci našli nov način za izogibanje detekciji svojih zlonamernih aktivnosti – izkoriščanje emotikonskih simbolov. Emotikoni, priljubljeni dodatki vsakodnevnih komunikacij na spletu, se uporabljajo za prenašanje čustvenih nians, vendar so postali tudi sredstvo za skrivanje kibernetskih napadov. To predstavlja resno grožnjo za računalniško varnost, saj…
Beijing-affiliated Hacking Group Targets Organizations in Taiwan and U.S. NGO In a recent development, organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have fallen victim to a state-sponsored hacking group known as Daggerfly, linked to Beijing. This group has been identified as using an advanced set of malware tools in their…
Cybersecurity Researchers Uncover FrostyGoop Malware Targeting Energy Company in Ukraine Cybersecurity researchers recently uncovered the ninth Industrial Control Systems (ICS)-focused malware called FrostyGoop. This malicious software was used in a disruptive cyber attack targeting an energy company in Lviv, Ukraine, in January. The industrial cybersecurity firm Dragos identified FrostyGoop as the first malware strain to…
Na letališču v Splitu je v zadnjih dneh prišlo do izjemno resnega incidenta, ki je povzročil popoln kolaps letališkega sistema. Ta dogodek je prizadel številne potnike in osebje, kar je povzročilo kaos in zmedo na enem izmed najbolj obljudenih letališč v Hrvaški. V nadaljevanju bomo podrobneje obravnavali vzroke, posledice in odziv pristojnih organov na to…
The Spear-Phishing Campaign The Computer Emergency Response Team of Ukraine (CERT-UA) recently issued a warning about a spear-phishing campaign aimed at a scientific research institution within the country. This malicious campaign involved the deployment of two types of malware – HATVIBE and CHERRYSPY. These malware entities were used to infiltrate the targeted institution’s systems and…