National CSIRT-CY | National Computer Security Incident Response Team of Cyprus

Η Εθνική Ομάδα Αντιμετώπισης Ηλεκτρονικών Επιθέσεων προβλέπει την αύξηση της ηλεκτρονικής ασφαλείας ενισχύοντας την προστασία του κυβερνοχώρου των Εθνικών Κρίσιμων Πληροφοριακών Υποδομών, των τραπεζών και των παροχών επικοινωνίας της Κυπριακής Δημοκρατίας.

07 Αυγούστου 2020

Several security vulnerabilities found in Qualcomm’s Snapdragon chip Digital Signal Processor (DSP) chip could allow attackers to take control of almost 40% of all smartphones, spy on their users, and create un-removable malware capable of evading detection.

06 Αυγούστου 2020

A high-risk vulnerability (CVE-2020-13699) in TeamViewer for Windows could be exploited by remote attackers to crack users’ password and, consequently, lead to further system exploitation.

05 Αυγούστου 2020

The plugin also comes with support for chat transcripts and makes it easy to set up auto-replies and FAQs outside working hours to provide visitors with helpful information while the site owner can’t reply.

03 Αυγούστου 2020

Twitter today said that the attackers behind this month’s hack were able to take control of high-profile accounts after stealing Twitter employees’ credentials as part of a phone spear phishing attack on July 15, 2020.

30 Ιουλίου 2020

TrickBot’s Anchor malware platform has been ported to infect Linux devices and compromise further high-impact and high-value targets using covert channels.

29 Ιουλίου 2020

Εντοπίστηκε συνεχιζόμενη εκστρατεία ηλεκτρονικού ψαρέματος που εξαπατά τους χρήστες Office 365 για να υποκλέψει τα διαπιστευτήριά τους παρουσιάζοντας πλαστή πύλη σύνδεσης.

23 Ιουλίου 2020

A new cryptojacking botnet is spreading across compromised networks via multiple methods that include the EternalBlue exploit for Windows Server Message Block (SMB) communication protocol.

23 Ιουλίου 2020

A recently discovered malware framework known as MATA and linked to the North Korean-backed hacking group known as Lazarus was used in attacks targeting corporate entities from multiple countries since April 2018 for ransomware deployment and data theft.

23 Ιουλίου 2020

Στο Facebook έχει εντοπιστεί σελίδα με ονομασία «Notification Checking Policy Pages Corporation-Team 2020», όπου με τακτικές ηλεκτρονικού ψαρέματος δημοσιεύει προφίλ δημοσίων προσώπων της Κύπρου με ψευδή σύνδεσμο για πιστοποίηση του λογαριασμού με σκοπό την εξαπάτηση των χρηστών.

22 Ιουλίου 2020

Researchers tracking Emotet botnet noticed that the malware started to push QakBot banking trojan at an unusually high rate, replacing the longtime TrickBot payload.

17 Ιουλίου 2020

The Cybersecurity and Infrastructure Security Agency (CISA) today asked all U.S. federal executive branch departments and agencies to mitigate the critical SIGRed Windows DNS Server wormable remote code execution (RCE) vulnerability within 24 hours.

16 Ιουλίου 2020

Cisco today has released security updates to address critical remote code execution (RCE), authentication bypass, and static default credential vulnerabilities affecting multiple router and firewall devices that could lead to full device takeover.

15 Ιουλίου 2020

Adobe has released security updates to address four critical vulnerabilities that could allow attackers to execute arbitrary code and write arbitrary files on Windows devices running vulnerable versions of Creative Cloud, Adobe Download Manager, and Adobe Media Encoder.

15 Ιουλίου 2020

The July 2020 Patch Tuesday updates for Windows 10 version 2004 and later are now rolling out and you can download and install the latest security fixes by checking for updates in the Settings.

14 Ιουλίου 2020

SAP patched a critical vulnerability affecting over 40,000 customers and found in the SAP NetWeaver AS JAVA (LM Configuration Wizard) versions 7.30 to 7.50, a core component of several solutions and products deployed in most SAP environments.

10 Ιουλίου 2020

Σε Ευρωπαικά δημοσιεύματα φαίρεται να έχουν εντοπιστεί ψεύτικα διαδικτυακά καταστήματα που εισβάλλουν στο Διαδίκτυο με πλαστοπροσωπίες δημοφιλών εμπορικών εταιρειών.  Παρακάτω εμφανίζεται ένας πίνακας που περιλαμβάνει τους κακόβουλους τομείς προκειμένου να αποτραπεί η απάτη των χρηστών του Διαδικτύου.

09 Ιουλίου 2020

Hackers in the Evilnum group have developed a toolset that combines custom malware, legitimate utilities, and tools bought from a malware-as-a-service (MaaS) provider that caters for big fintech threat actors.

08 Ιουλίου 2020

Admins should patch their Citrix ADC and Gateway installs immediately. Multiple vulnerabilities in the Citrix Application Delivery Controller (ADC) and Gateway would allow code injection, information disclosure and denial of service, the networking vendor announced Tuesday. Four of the bugs are exploitable by an unauthenticated, remote attacker.

07 Ιουλίου 2020

Global IT services and solutions provider DXC Technology announced over the weekend a ransomware attack on systems from its Xchanging subsidiary.

06 Ιουλίου 2020

A vulnerability in the .NET Core library allows malicious programs to be launched while evading detection by security software.

ENISA: Cyber threats require heightened defences

#CyberSecMonth 2017 - Cyber Security in the Home