Security News

Digital Security Authority – National Computer Security Incident Response Team:

Since Wednesday 30/09/2020, customers of banking institutions in Cyprus have been the target of phishing attacks.

Customers (users) of the banking institutions are urged, through malicious electronic messages, mainly emails carrying the logos and branding of banking institutions, to follow a malicious link that supposedly belongs to the banking institutions, with the aim of stealing their login credentials.

Since Wednesday 30/09/2020, the Digital Security Authority – National Computer Security Incident Response Team has informed all Critical Information Infrastructures of the Republic of Cyprus as well as the Competent Authorities, and is in communication with the Police Authorities.

The public is asked to be vigilant in checking the emails it receives and to stay informed through the relevant announcements of the Police and the Authority.

 

 

In 2019, high-level executives of national cybersecurity authorities, the European Commission and ENISA, the EU Agency for Cybersecurity, participated in the table-top Blueprint Operational Level Exercise (Blue OLEx) 2019, which underlined the need to implement an intermediate level between the technical and the political ones in the EU cyber crisis management framework.


On 9 August, QuoIntelligence disseminated a Warning to its government customers about a new APT28 (aka Sofacy, Sednit, Fancy Bear, STRONTIUM, etc.) campaign targeting government bodies of NATO members (or countries cooperating with NATO). In particular, we found a malicious file uploaded to VirusTotal, which ultimately drops a Zebrocy malware and communicates with a C2 in France. After our discovery, we reported the malicious C2 to the French law enforcement as part of our responsible disclosure process.

Zebrocy is a malware used by APT28 (also known as Sofacy), which was reported by multiple security firms[1][2][3][4][5][6] in the last two years.

Finally, our investigation concluded that the attack started on 5 August and targeted at least one government entity located in the Middle East. However, it is highly likely that NATO members also observed the same attack.


The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country’s Ministry of Intelligence and Security (MOIS) for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors.

According to the U.S. Treasury and the Federal Bureau of Investigation (FBI), the sanctions target Rana Intelligence Computing Company (or Rana), which the agencies said operated as a front for the threat group APT39 (aka Chafer or Remix Kitten), an Iranian cyber espionage hacking collective active since 2014 and known for its attacks on companies in the U.S. and the Middle East with an aim to pilfer personal information and advance Iran’s national security objectives.

The U.S. Department of Justice announced today charges against five Chinese nationals for cyberattacks on more than 100 companies, some of them being attributed to state-backed hacking group APT41.

APT41 is one of the oldest threat groups, known primarily for cyber-espionage operations against a variety of entities, including software developers, gaming companies, hardware manufacturers, think tanks, telcos, social, universities, or foreign governments.

Kaspersky has been tracking this group since 2012 as Winnti – the name Symantec gave the malware used in attacks. APT41 has been active for more than a decade and is also known as Barium, Wicked Panda/Spider.
