Applied artificial intelligence is becoming one of the greatest technological advances of our time. With its great potential, however, there come significant concerns about potential misuse, as well as unintended consequences in its deployment. Therefore, it is necessary to focus on the risks that arise from the use of artificial intelligence. What is artificial intelligence?…
The National Cyber Security Centre SK-CERT warns of two vulnerabilities in the MegaRAC Baseboard Management Controller (BMC) that enable bypassing authentication and injecting arbitrary code. Regarding the nature of the vulnerable systems, physical damage to vulnerable servers is also possible. The MegaRAC Baseboard Management Controller is a component that is used for server management, independent…
The National Cyber Security Centre SK-CERT (hereinafter referred to as “NCKB SK-CERT”) warns of an increased risk of ransomware attacks by the Medusa group, which are particularly targeted on educational institutions. A successful attack will cause a total unavailability of systems and services and a leak of sensitive information. What is the Medusa group? According…
The National Security Authority warns of potential cyberattack threats in connection with the increase in the use of social engineering techniques by DPRK-sponsored hacking groups. The most prominent of these groups is Kimsuky (APT 43). Their activities focus on spearphishing campaigns in which cyber actors impersonate journalists or academic scholars to collect information and documents…
The National Cyber Security Centre SK-CERT warns of a zero-day vulnerability in VMware ESXi system, which can be exploited using valid ESXi credentials. The vulnerability allows code execution in virtual servers under a privileged user without knowledge of credentials to virtual servers. In order to exploit the vulnerability, access to the ESXi administrative interface is…
The 2nd edition of the national cybersecurity CyberGame competition registered a total of 2,334 participants on both the Slovak and English playing platforms. The expert guarantor of the contest is the National Security Authority. 1,788 players were registered on the Slovak playing platform, 832 of them were active players, which means a significant increase in…
The National Cyber Security Centre SK-CERT warns of a new critical vulnerability in the FortiOS operating system included in various Fortinet products. Fortinet products are widely used by organizations in the Slovak cyberspace, including operators of essential services. The warning is issued by the National Security Authority pursuant to Article 27(1) a) of the ….
The National Cyber Security Centre SK-CERT warns of a vulnerability in motherboards from the manufacturer GIGABYTE, which are popular and often used in the Slovak market as well. GIGABYTE motherboards have a built-in motherboard firmware update mechanism that contains security vulnerabilities. Each time the computer reboots, the firmware initiates an update programme, and thus downloading…
A VPN service claiming that it does not log communications had again logs leaked. An illegal IPTV service was taken down in the Netherlands; and a large amount of medical and financial information was leaked in the US. An 18 year old hacker was discovered and charged with serious crimes by security forces; the founder…
The National Cyber Security Center SK-CERT warns about an actively exploited vulnerability in the Beautiful Cookie Consent Banner plugin of the WordPress content management system. The mentioned plugin is used to create a graphical notification about the use of cookies. The plugin has over 40,000 active installations. The vulnerability allows for a XSS attack, where…
