Alerts

In 2020 there were 599 data breaches in the US against targets in the healthcare sector. The breaches affected more than 26 million people.

The breaches recorded in the database of the US Department of Health are classified into the following categories:


The French national cyber-security agency has linked a series of attacks that resulted in the breach of multiple French IT providers over a span of four years to the Russian-backed Sandworm hacking group.

ANSSI (short for Agence Nationale de la Sécurité des Systèmes d’Information) has not been able to determine how the servers were compromised.

Therefore, it is not yet clear if the attackers exploited a vulnerability in the exposed Centreon software or the victims were compromised through a supply chain attack.

“The first victim seems to have been compromised from late 2017. The campaign lasted until 2020,” ANSSI said in a report published today.

“This campaign mostly affected information technology providers, especially web hosting providers.”


Cryptography is vital to cybersecurity. Security properties such as confidentiality, integrity, authenticity and non-repudiation rely on strong cryptographic mechanisms, especially in an interconnected world.


UAE and Kuwait government agencies are targets of a new cyberespionage campaign potentially carried out by Iranian threat actors, according to new research.

Attributing the operation to Static Kitten (aka MERCURY or MuddyWater), Anomali said the “objective of this activity is to install a remote management tool called ScreenConnect (acquired by ConnectWise 2015) with unique launch parameters that have custom properties,” with malware samples and URLs masquerading as the Ministry of Foreign Affairs (MOFA) of Kuwait and the UAE National Council.

Since its origins in 2017, MuddyWater has been tied to a number of attacks primarily against Middle Eastern nations, actively exploiting the Zerologon vulnerability in real-world attack campaigns to strike prominent Israeli organizations with malicious payloads.

The state-sponsored hacking group is believed to be working at the behest of Iran’s Islamic Republic Guard Corps, the country’s primary intelligence and military service.

Anomali said it spotted two separate lure ZIP files hosted on Onehub that claimed to contain a report on relations between Arab countries and Israel or a file relating to scholarships.


Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded.

Last month, we reported on a bug in the Windows 10 console multiplexer driver, condrv.sys, that caused a blue screen of death (BSOD) crash when attempting to connect to the following path:

\\.\globalroot\device\condrv\kernelconnect

When connecting to the device, developers are meant to pass the ‘attach’ extended attribute. However, a lack of error checking allowed you to access the path without the attribute and crash Windows.