National CSIRT-CY | National Computer Security Incident Response Team of Cyprus

Η Εθνική Ομάδα Αντιμετώπισης Ηλεκτρονικών Επιθέσεων προβλέπει την αύξηση της ηλεκτρονικής ασφαλείας ενισχύοντας την προστασία του κυβερνοχώρου των Εθνικών Κρίσιμων Πληροφοριακών Υποδομών, των τραπεζών και των παροχών επικοινωνίας της Κυπριακής Δημοκρατίας.

13 Ιανουαρίου 2020

Ransom.Sodinokibi is Malwarebytes’ detection name for a family of Ransomware that targets Windows systems. Ransom.Sodinokibi encrypts important files and asks for a ransom to decrypt them.

13 Ιανουαρίου 2020

It’s now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers.

10 Ιανουαρίου 2020

The attackers behind the Sodinokibi Ransomware are applying pressure on Travelex to pay a multi-million dollar ransom by stating they will release or sell stolen data that allegedly contains customer’s personal information.

10 Ιανουαρίου 2020

Security researchers found several vulnerabilities within TikTok’s infrastructure that made it possible for potential attackers to hijack accounts to manipulate users’ videos and steal their personal information.

TikTok is a social media platform owned by Beijing-based ByteDance, with offices around the world, servers based in the countries where its iOS and Android apps operate, and it is used for sharing short-form looping mobile videos of 3 to 60 seconds.

The platform’s Android app currently has over 500,000,000 installs according to Google Play Store stats and has crossed the 1.5 billion installs mark on all mobile platforms during November 2019 according to Sensor Tower Store Intelligence estimates.

TikTok’s applications and its backend were vulnerable to attacks as Check Point researchers state in a report shared with Bleeping Computer earlier this week.

The security issues were disclosed to ByteDance during late November, with the company fixing the vulnerabilities within one month.

“Data is pervasive but data breaches are becoming an epidemic, and our latest research shows that the most popular apps are still at risk,” Check Point’s Head of Product Vulnerability Research Oded Vanunu said.

“Social media applications are highly targeted for vulnerabilities as they provide a good source for private data and offer a good attack surface gate.”

TikTok’s vulnerable SMS system

TikTok’s SMS system allowed the Check Point research team to manipulate account data by adding and deleting videos, to demonstrate privacy encroachment issues by changing video privacy settings from private to public, and to exfiltrate personal user data including full name, email address, and birthday.

As shown by Check Point Research, attackers could have exploited these vulnerabilities via TikTok’s SMS system to:

• Upload unauthorized videos and deleting users’ videos
• Move users’ videos from private to public
• Steal sensitive personal data

To be able to perform these malicious actions, hackers could send app download links to any user’s phone number via text messages by impersonating TikTok which allowed them to inject and execute malicious code.

Additionally, attackers could redirect TikTok users onto a web server they controlled using the same tactic controlled thus making it possible for the hackers to send unwanted requests on behalf of their victims.

Potential attackers could have used “the same technique to redirect a victim to a malicious website under the guise of tiktok.com,” Check Point Research also found.

“The redirection opens the possibility of accomplishing Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), and Sensitive Data Exposure attacks without user consent.”

TikTok Security Team’s Luke Deshotels said that “TikTok is committed to protecting user data. Like many organizations, we encourage responsible security researchers to privately disclose zero day vulnerabilities to us.

10 Ιανουαρίου 2020

If you are using Firefox as your web browsing software on your Windows, Linux, or Mac systems you should immediately update your free and open-source Firefox web browser to the latest version available on Mozilla’s website.

05 Ιανουαρίου 2020

ZURICH (Reuters) – Austria suspects a foreign country is behind a serious cyberattack on information systems at its Foreign Ministry that continued on Sunday, the ministry said.

“Given the type and seriousness of the attack we assume this probably concerns a state actor and not criminals,” a ministry spokesman said.

He declined to give technical details about the assault or speculate on who might be behind it. “Experts have informed us that these things can last several days,” he added.

The Austrian government reported the attack late on Saturday, noting other European countries have also been targeted for similar attacks in the past. The attack came on the same day the environmentalist Greens party backed forming a coalition government with Sebastian Kurz’s conservatives. The ministry said “countermeasures” were in place while an inter-agency task force reviewed the situation. Services such as travel information were still available on its website.

Source: https://www.reuters.com/article/us-austria-cyber/austria-suspects-foreign-state-behind-cyberattack-on-ministry-idUSKBN1Z408F

ENISA: Cyber threats require heightened defences

#CyberSecMonth 2017 - Cyber Security in the Home