Téli szünet
A CTR tizenötödik hónapja végzi áldozatos munkáját, érdemeink vitathatatlanok, hibáink talán elhanyagolhatóak.
News
2023-095: Critical Vulnerability in Apache Struts - with Mittre TTPs
On December 7, 2023, The Apache Struts group released an update addressing a critical security vulnerability in Apache Struts. This vulnerability could lead, under some circumstances, to remote code execution. It is recommended to upgrade to a not vulnerable version as soon as possible. Apache Struts Security Vulnerability Apache Struts
2023-092: Critical vulnerability in FortiSIEM
On November 14, Fortinet released an advisory regarding a critical vulnerability affecting FortiSIEM which may allow a remote unauthenticated attacker to execute unauthorised commands via crafted API requests. FortiSIEM Vulnerability FortiSIEM Vulnerability History * 20/11/2023 - v1.0 - Initial publication * 21/11/2023 - v1.1 - Correction
Hacked: Russian GRU officer wanted by the FBI, leader of the hacker group APT 28
Ukrainian hacktivist team Cyber Resistance hacked the email of Lieutenant Colonel Sergey Alexandrovich Morgachev, an officer of the Russian Main Intelligence Directorate of the General Staff of the Russian Army (GRU), leader of the Russian hacker group APT 28, consisting of officers of the 85th Main Special Service Center of
Russian Winter Vivern hackers exploit Zimbra flaw to steal NATO emails
A Russian hacking group tracked as TA473, aka 'Winter Vivern,' has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since February 2023 to steal the emails of NATO officials, governments, military personnel, and diplomats. Two weeks ago, Sentinel Labs reported on a recent operation by 'Winter Vivern&
Bitter APT group targets China’s nuclear energy sector
Intezer researchers uncovered a cyberespionage campaign targeting the Chinese nuclear energy sector, they linked it to the Bitter APT group. The Bitter APT group is a South Asian cyberespionage group active since at least 2021. The group focuses on energy and government sectors, in the past, the group targeted organizations
Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
Microsoft shared guidance for investigating attacks using critical CVE-2023-23397 vulnerability in Outlook. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT Lan Manager (NTLM) hashes and stage a relay attack without requiring any user interaction.
Pro-Russia hackers are increasingly targeting hospitals, researchers warns
Cybersecurity researchers said this week that they have observed the pro-Russia hacking group known as Killnet increasingly launch distributed denial of service (DDoS) attacks targeting healthcare organizations since November. Killnet was established following Russia’s invasion of Ukraine in February 2022, and spent most of the last year launching DDoS
YoroTrooper cyberspies target CIS energy orgs, EU embassies
A new threat actor named 'YoroTrooper' has been running cyber-espionage campaigns since at least June 2022, targeting government and energy organizations in Commonwealth of Independent States (CIS) countries. According to Cisco Talos, the threat actor has compromised accounts of a critical European Union agency engaged in healthcare, the
Russia-linked APT29 Uses Poland's Ambassador’s Visit to the U.S. to Target EU Governments Assisting Ukraine
Russia-linked APT29 (aka SVR group, Cozy Bear, Nobelium, and The Dukes) was spotted abusing the legitimate information exchange systems used by European countries in attacks aimed at governments. In early March, BlackBerry researchers uncovered a new cyber espionage campaign aimed at EU countries. The hackers targeted diplomatic entities and systems