Microsoft faces an incident that may have resulted in the data leak of tens of thousands of entities, security forces arrested members of a car-jacking gang, and an Australian insurance company was the victim of a ransomware attack. Microsoft incident A configuration error led to a potential leak of Microsoft customer and partner information. SOCRadar…
A Japanese car company has been sharing access keys to some of its systems on its GitHub for five years, a US hospital network is battling a ransomware infection, and users of unofficial WhatsApp clients should consider returning to the original. After Slovak airports, US ones also faced a DDoS attack and AVAST has published…
The National Security Authority has been granted CVE Numbering Authority (CNA) status. This will give it greater flexibility in assigning vulnerability identifiers (CVE numbers). The National Cyber Security Centre SK-CERT will be one of 12 CERTs from around the world to have this status. It will be only the third of its kind in Europe….
The National Cyber Security Centre SK-CERT warns of a critical vulnerability in the Zimbra Collaboration Suite. Zimbra is a popular web-based email server that is often used in Slovak cyberspace. Recent vulnerabilities in this product cause an attacker to upload arbitrary files, which can lead to unauthorized code execution. Exploiting the vulnerabilities will allow full…
The National Cyber Security Centre SK-CERT warns of a critical vulnerability in FortinetOS and FortiProxy products. FortinetOS and FortiProxy are Fortinet products. FortinetOS is an operating system that is used in other Fortinet products, FortiProxy is a web proxy used mainly for URL filtering, threat protection and malware detection. The latest vulnerability is a flaw…
The security forces have had much success in arresting, investigating and trying cyber criminals, a chess genius has been branded a fraudster, and data leaks by telecommunications companies in Australia have been a prominent theme. Arrests in Germany German police carried out house searches of three people accused of carrying out phishing attacks leading to…
Update 10.10.2022 09:50: update recommendations (another change in URL rewrite rule) Update 5.10.2022 14:00: update recommendations (small change in URL rewrite rule) Update 30.09.2022 13:00: attacker must be authenticated The National Cyber Security Centre SK-CERT warns of actively exploited zero-day vulnerabilities in the Microsoft Exchange Server product. By exploiting unspecified vulnerabilities, a remote unauthenticated authenticated…
Security researchers have published information about malware that installs a large number of others, a new tool is spreading on hacker forums, and Brazilian payment portal hackers have returned after a year-long hiatus. Malware mixer Security researchers from Kaspersky have released information about the new NullMixer malware. It spreads via websites that share cracked software….
Security researchers published an analysis on the misuse of games to distribute malware, a network of hotels fell victim to a potential attack, and security forces saw significant successes in arresting several cybercriminals and dismantling a large cybercrime forum. Gaming risk analysis Kaspersky security researchers have published a detailed analysis of cyber threats related to…
Twitter’s former chief of cybersecurity has released a great deal of serious information about the state of the social network’s cybersecurity. Cybercriminals have found out what it’s like to be the target of a DDoS attack, being a crumb in its intensity compared to a new DDoS record successfully repelled by Google. Extreme accusations Twitter’s…
