The National Cyber Security Centre SK-CERT warns of several vulnerabilities in Apple products that could be exploited by attackers for remote code execution, denial of service or information theft. Apple has released a patch for several vulnerabilities, including several critical ones that allow attackers to execute several malicious activities – denial of service, privilege escalation,…
Security researchers have released decryption keys for ransomware; criminals have stolen Darkweb business from other criminals; and hacktivists are freely distributing data from two forensic companies. Europol and the security forces carried out several successful international interventions against fraudsters in call centres. The success of security forces Europol, in cooperation with the law enforcement and…
The National Cyber Security Centre SK-CERT warns of critical vulnerabilities in Git system that could be exploited by attackers for remote code execution. Git is a distributed revision control tool. Git is a popular open-source tool used worldwide. Critical vulnerabilities are tracked as CVE-2022-23521 and CVE-2022-41903. The vulnerabilities allow an unauthenticated attacker to execute code…
The National Cyber Security Centre SK-CERT warns of a new vulnerability in the firmware of programmable logic controllers (PLC) from Siemens. PLC devices from Siemens are also popular and widely used in Slovakia in various areas of manufacturing and industry. The vulnerability allows an attacker to bypass all protected boot features allowing him to modify…
A corporation was fined for illegal advertising; schoolchildren in the US were given three days of cyber holiday; and a British medical centre gave its patients an unwanted gift in the form of a text message. Security researchers published decryption keys for ransomware; and cybercriminals started using artificial intelligence to write malware. Fine for advertising…
Security forces in Ukraine managed to achieve another success in the fight against cybercrime. The LastPass data breach is escalating; and there is also more recent information about the sports betting company DraftKings’ data leak. Cybercriminals attacked a children’s hospital in Canada; and several charges were laid and several sentences handed down. Ransomware attack on…
The National Cyber Security Centre SK-CERT (hereinafter referred to as “NCSC SK-CERT”) warns of a new critical vulnerability in FortiOS and FortiProxy products. FortiOS and FortiProxy are Fortinet products. FortiOS is an operating system that is used in other Fortinet products, FortiProxy is a web proxy used mainly for URL filtering, threat protection and malware…
A company focusing on secure password storage has become a victim of a data leak; two cybercriminals have been arrested with millions in profits; and a French energy company has discovered that weak password encryption does not pay off. Passwords are “safe” LastPass became a target of another cyberattack, leading to a data breach. Cybercriminals…
Although a new version of the TLP standard has been available for a longer time (the National Cyber Security Centre SK-CERT already published the relevant article in August), not all organizations have adopted these changes into their processes. The National Cyber Security Centre SK-CERT (hereinafter referred to as “NCSC SK-CERT”) therefore appeals to all those…
The National Cyber Security Centre SK-CERT reminds that the OpenSSL developers have announced the release of a patch for a critical security vulnerability on Tuesday, 1 November 2022 at 2:00 p.m. (winter time). Please note that details will be published during our bank holiday. Operators of essential services are therefore strongly advised to place necessary…
