05 April 2021
First discovered in 1998, SQL injections (SQLi) are still a devastatingly effective attack technique and remain a top database security priority.
VMware has published security updates to address a high severity vulnerability in vRealize Operations that could allow attackers to steal admin credentials after exploiting vulnerable servers.
In the latest software supply chain attack, the official PHP Git repository was hacked and the code base tampered with.
Popular npm library netmask has a critical networking vulnerability.
The "dark internet", also known as the Dark Web, is a part of the Internet that is not indexed by search engines, where cybercriminals often sell and buy illegal products or services. Communications take place through encrypted messaging applications, while payments are requested in the form of cryptocurrencies, which are very difficult to trace.
Energy giant Shell has disclosed a data breach after attackers compromised the company’s secure file-sharing system powered by Accellion’s File Transfer Appliance (FTA).
DDoS-for-hire services are now actively abusing misconfigured or out-of-date Datagram Transport Layer Security (D/TLS) servers to amplify Distributed Denial of Service (DDoS) attacks.
Yesterday, a researcher disclosed a method of hiding up to three MB of data inside a Twitter image.
VMware has addressed a high severity unauthenticated RCE vulnerability in VMware View Planner, allowing attackers to abuse servers running unpatched software for remote code execution.
Following Microsoft’s release of out-of-band patches to address multiple zero-day flaws in on-premises versions of Microsoft Exchange Server, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive warning of “active exploitation” of the vulnerabilities.
Microsoft has released an updated script that scans Exchange log files for indicators of compromise (IOCs) associated with the vulnerabilities disclosed on March 2, 2021.
Threat actors are targeting Amazon, Zillow, Lyft, and Slack NodeJS apps using a new ‘Dependency Confusion’ vulnerability to steal Linux/Unix password files and open reverse shells back to the attackers.
Cisco has addressed a maximum severity authentication bypass vulnerability found in the API endpoint of the Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine.
Chinese state hackers cloned and started using an NSA zero-day exploit almost three years before the Shadow Brokers hacker group publicly leaked it in April 2017.
The French national cyber-security agency has linked a series of attacks that resulted in the breach of multiple French IT providers over a span of four years to the Russian-backed Sandworm hacking group.
UAE and Kuwait government agencies are targets of a new cyberespionage campaign potentially carried out by Iranian threat actors, according to new research.
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded.
A hacker gained access to the water treatment system for the city of Oldsmar, Florida, and attempted to increase the concentration of sodium hydroxide (NaOH), also known as lye and caustic soda, to extremely dangerous levels.
A SonicWall SMA 100 zero-day vulnerability is being actively exploited in the wild, according to a tweet by cybersecurity firm NCC Group.
Law enforcement and judicial authorities worldwide have this week disrupted one of the most significant botnets of the past decade: EMOTET. Investigators have now taken control of its infrastructure in an international coordinated action.