National CSIRT-CY | National Computer Security Incident Response Team of Cyprus

Η Εθνική Ομάδα Αντιμετώπισης Ηλεκτρονικών Επιθέσεων προβλέπει την αύξηση της ηλεκτρονικής ασφαλείας ενισχύοντας την προστασία του κυβερνοχώρου των Εθνικών Κρίσιμων Πληροφοριακών Υποδομών, των τραπεζών και των παροχών επικοινωνίας της Κυπριακής Δημοκρατίας.

06 Μαΐου 2020

Since the past few weeks, software giant Citrix has privately been rolling out a critical software update to its enterprise customers that patches multiple security vulnerabilities affecting Citrix ShareFile content collaboration platform.

05 Μαΐου 2020

Days after cybersecurity researchers sounded the alarm over two critical vulnerabilities in the SaltStack configuration framework, a hacking campaign has already begun exploiting the flaws to breach servers of LineageOS, Ghost, and DigiCert.

04 Μαΐου 2020

A hacker is selling a database containing the information of 91 million Tokopedia accounts on a dark web market for as little as $5,000. Other threat actors have already started to crack passwords and share them online.

04 Μαΐου 2020

Two severe security flaws have been discovered in the open-source SaltStack Salt configuration framework that could allow an adversary to execute arbitrary code on remote servers deployed in data centers and cloud environments. The vulnerabilities were identified by F-Secure researchers earlier this March and disclosed on Thursday, a day after SaltStack released a patch (version 3000.2) addressing the issues, rated with CVSS score 10.

29 Απριλίου 2020

A threat actor focusing on Android systems has expanded their malware-as-a-service (MaaS) business with file-encrypting capabilities for ransomware operations.

28 Απριλίου 2020

As people socially isolate and work from home, shopping online and home deliveries have increased.

27 Απριλίου 2020

After looking at how Microsoft Teams handles image resources, security researchers found a way to take over accounts by sending recipients a regular GIF.

27 Απριλίου 2020

Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks.

24 Απριλίου 2020

Cyber-security firm GreyNoise Intelligence today announced the launch of GreyNoise Alerts, a new free service that will automatically notify you via email when any devices on your organization’s IP address range get hacked and start exhibiting potentially malicious behavior.

24 Απριλίου 2020

Malwarebytes is expanding into privacy with the release of a new Windows VPN service called Malwarebytes Privacy. Malwarebytes plans on offering Mac, iOS, Android, and ChromeOS versions in the future.

23 Απριλίου 2020

A new phishing campaign is underway that targets a company’s employees with fake customer complaints that install a new backdoor used to compromise a network.

22 Απριλίου 2020

A fake WiFi hacking program is being used to distribute a new Coronavirus-themed malware that tries to lock you out of Windows while making some very annoying sounds.

16 Απριλίου 2020

Microsoft has released an out-of-band security update that fixes remote code execution vulnerabilities in an Autodesk FBX library integrated into Microsoft Office and Paint 3D applications.

15 Απριλίου 2020

The U.S. Federal Bureau of Investigation (FBI) warned government agencies and health care organizations of ongoing BEC schemes exploiting the COVID-19 pandemic, as well as an overall increase in cryptocurrency and health care fraud scam activity targeting consumers.

14 Απριλίου 2020

Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC ransom ($10.9M or €9.9M).

10 Απριλίου 2020

In our previous posts, you might have already read about various campaigns warning how threat actors are capitalizing on the ongoing coronavirus pandemic in an attempt to infect your computers and mobile devices with malware or scam you out of your money.

10 Απριλίου 2020

Το Universal Plug and Play (UPnP) είναι ένα σύνολο πρωτοκόλλων δικτύωσης που επιτρέπει σε δικτυωμένες συσκευές, όπως προσωπικούς υπολογιστές, εκτυπωτές, Internet gateways, σημεία πρόσβασης Wi-Fi και κινητές συσκευές, να αναγνωρίζουν αδιάλειπτα την παρουσία άλλων συσκευών στο δίκτυο και να δημιουργήσουν λειτουργικές υπηρεσίες δικτύου για κοινή χρήση δεδομένων, πικοινωνίες και ψυχαγωγία. Το UPnP προορίζεται κυρίως για οικιακά δίκτυα χωρίς συσκευές enterprise-class.

10 Απριλίου 2020

Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage ‘distributed denial-of-service’ attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services.

09 Απριλίου 2020

Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to gym classes amidst the ongoing coronavirus outbreak and work from home became the new normal.

ENISA: Cyber threats require heightened defences

#CyberSecMonth 2017 - Cyber Security in the Home