JavaScript Downloader Malware: SocGholish Strikes Again In the world of cybersecurity, the notorious JavaScript downloader malware known as SocGholish, also dubbed FakeUpdates, is once again making headlines. This time, it’s not just about delivering its usual payload of mischief; it’s also acting as a conduit for a remote access trojan called AsyncRAT. But wait, there’s…
Globalni izpad, ki ga je povzročila napačna posodobitev varnostne programske opreme podjetja CrowdStrike, je jasen opomin, da digitalne korenine globoko pronicajo v vse organizacije in ekosisteme, tako da je vpliv teh dogodkov vse bolj moteč za podjetja, dobaviteljske verige in družbo kot celoto. Ključne ugotovitve iz incidenta CrowdStrike: Napaka pri samodejni posodobitvi varnostne programske opreme…
Odkritje kritične napake v HTTP Request Smuggling: Grožnja za internetno varnost leta 2024 V začetku leta 2024 je računalniško varnostno skupnost doživela pravo presenečenje z odkritjem napake, imenovane HTTP Request Smuggling. Ta novica že odmeva po vsej industriji, saj gre za ranljivost, ki lahko v resnici ogrozi celoten internet, če ne bo pravočasno in ustrezno…
Cybersecurity Researchers Uncover New Linux Ransomware Variant Targeting VMWare ESXi Environments In a recent discovery, cybersecurity researchers have stumbled upon a fresh Linux variant of a ransomware strain named Play (also recognized as Balloonfly and PlayCrypt). This particular ransomware variant has been tailored to specifically target VMWare ESXi environments, raising concerns within the IT security…
Napadalci uporabili legitimne npm pakete za širjenje malware-a V nedavni novici, objavljeni na spletni strani Cyber Press, je bilo razkrito, da so napadalci izkoristili legitimne pakete na registru npm za širjenje zlonamerne programske opreme. To sofisticirano napadanje je bilo doseženo z ukrivanjem škodljive kode v slikovnih datotekah. Napadalci so spremenili izvorno kodo v paketu “aws-s3-object-multipart-copy”…
CrowdStrike Faces Fallout from Flawed Update Cybersecurity firm CrowdStrike found itself in hot water recently due to a flawed update it pushed out to Windows devices, causing global IT disruptions. This misstep has given threat actors an opportunity to exploit the situation further. Exploiting the Chaos: Remcos RAT Distribution CrowdStrike has issued a warning that…
UK IT Security Arrest: Teen Suspected Member of Cybercrime Syndicate Law enforcement officials in the U.K. have made a significant move in the fight against cybercrime. A 17-year-old boy hailing from Walsall has been detained due to suspicions of having ties to the infamous Scattered Spider cybercrime syndicate. The Sting Operation This arrest is a…
Novica o napadu na Slack Disneyja Napad na Slack Disneyja, ki ga je izvedla skupina hackerjev NullBulge, je pretresel tehnološko in poslovno skupnost. Skupina je napadla več kot 10.000 kanalov na Slacku, kar je povzročilo izgubo 1,1 terabajta podatkov. V tem članku bomo podrobneje razložili, kako je bil napad izveden, kakšne posledice ima za uporabnike…
a major inconvenience for businesses relying on Windows workstations. The faulty update, unintentionally distributed by cybersecurity company CrowdStrike, has caused disruptions on a global scale. The Impact of the Faulty Update on Windows Workstations Affected businesses have reported widespread disruptions to their Windows workstations due to the faulty update. This has led to operational challenges,…
Russian Nationals Plead Guilty in U.S. Court for LockBit Ransomware Scheme In a recent turn of events, two Russian nationals have admitted their involvement in the infamous LockBit ransomware scheme. These individuals, Ruslan Magomedovich Astamirov, 21, hailing from the Chechen Republic, and Mikhail Vasiliev, 34, a dual citizen of Canada and Russia from Bradford, Ontario,…