Founder and CEO of Cyber Services, conducting cybersecurity and cyber defense capability development on numerous international fronts.
Password management service LastPass confirmed a security incident that resulted in the theft of certain source code and technical information. The security breach is said to have occurred two weeks ago, targeting its development environment. No customer data or encrypted passwords were accessed, although the company provided no further details
Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to target Israeli entities, indicating the vulnerability's long tail for remediation. Microsoft attributed the latest set of activities to the umbrella threat group tracked as MuddyWater (aka Cobalt Ulster, Mercury, Seedworm, or Static Kitten)
Egyre több magyar felhasználó kap olyan Facebook üzenetet, miszerint az általa üzemeltetett oldal sérti a platform házirendjét és ahhoz, hogy az oldalt ne zárolják, adategyeztetést kérnek. Csakhogy, nem a Facebook küldi az üzeneteket.
The Association of German Chambers of Industry and Commerce (DIHK) was forced to shut down all of its IT systems and switch off digital services, telephones, and email servers, in response to a cyberattack. DIHK is a coalition of 79 chambers representing companies within the German state, with over three
A new botnet called 'RapperBot' is being used in attacks since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers to establish a foothold on the device. The researchers show that RapperBot is based on the Mirai trojan but deviates from the the original malware'
Mandiant has identified an ongoing information operations (IO) campaign leveraging a network of at least 72 suspected inauthentic news sites and a number of suspected inauthentic social media assets to disseminate content strategically aligned with the political interests of the People’s Republic of China (PRC). Pro-PRC “HaiEnergy” Information Operations
APT31 renews its attacks against Russian companies via cloud storage, Detailed analysis of the tools revealed the use of the Yandex.Disk service as a C2 server. Flying in the clouds: APT31 renews its attacks on Russian companies through cloud storageFlying in the clouds: APT31 renews its attacks on Russian
CloudSEK’s Attack Surface Monitoring Platform, uncovered 3207 apps, leaking Twitter API keys, that can be utilized to gain access to or to take over Twitter accounts. How Leaked Twitter API Keys Can be Used to Build a Bot Army - CloudSEKCloudSEK’s Attack Surface Monitoring Platform, uncovered 3207 apps,
Founder of pro-Russian hacktivist Killnet quitting group The founder and leader of the crowdsourced pro-Russian hacktivists Killnet announced his plans to leave the group after an upcoming hack and leak operation against Lockheed Martin. Founder of pro-Russian hacktivist Killnet quitting groupKillnet is best known for DDoS attacks against a Connecticut
Millions of Arris routers are vulnerable to path traversal attacks Millions of Arris routers are vulnerable to path traversal attacksA researcher has found a serious vulnerability in the muhttpd webserver that is used in millions of routers and modems.MalwarebytesPieter Arntz
How Dozens of Pro-Russian Groups Are Using Cryptocurrency Donations to Fund the War in Ukraine Report: Pro-Russia groups raise $2.2 million in cryptocurrency to fund warDuring the war, both Ukraine and Russia have tapped into cryptocurrency markets to raise money for their military efforts.The Record by Recorded FutureDaryna
Heti összefoglaló az ukrán-orosz kiberfrontról 2022. 07. 11 - 2022. 07. 17. Az orosz-ukrán háborúhoz kapcsolódó hacker csoportok állapota a Cyberknow júl. 14-i frissítése szerint: * összesen 89 aktív csoport - az eddigi legmagasabb szám * 44 ukránbarát * 40 oroszbarát * 5 "mikor-hogy" * Az előző állapothoz képest 26 csoport került hozzáadásra
A OneFist csoport az Operation Molchanie (Молчание, "Csend") nevű művelet keretében támadást indítottak a VoIP és a kommunikációs infrastruktúra ellen Oroszország-szerte, ami az eddigi legnagyobb kampányuk. The message: In Operation Molchanie (Молчание, "Silence"), we have started a massive attack against VoIP and communications infrastructure across Russia,
A kiberbiztonságban az egyik legnehezebben kivédhető támadás az adathalászat, azaz a "phishing". Az ilyen típusú támadások nem a szoftveres, vagy hardveres védelemmel ellátott hálózatokat, számítógépeket célozzák, hanem a kiberbiztonsági szakemberek által a digitális ellátási lánc leggyengébb láncszemének tartott elemet, az egyént, a felhasználót célozzák. Mi az adathalászat? A
OneFist's "usual" weekend hack. "They obviously don't work" during the week... The message: First strike of the Week of Fire! Under Operation Spike2, we demolished a critical switch for the data center of RST (railst.ru) along with it's email
Researchers have uncovered a gigantic network of more than 11,000 domains used to promote numerous fake investment schemes to users in Europe. The platforms show fabricated evidence of enrichment and falsified celebrity endorsements to create an image of legitimacy and lure in a larger number of victims. Huge network
