The National Cyber Security Centre SK-CERT warns against a critical zero-day vulnerability in Microsoft Windows 10, Windows 11 and Windows Server 2022. The vulnerability allows that any user account can become an administrator one without authorization. On 22 November 2021, a security researcher publicly disclosed the information and an exploit (a code representing a guide...

The National Cyber Security Centre SK-CERT warns against the resumption of activities of a recently dismantled EMOTET botnet. Since we experienced incidents related to EMOTET botnet also in Slovakia in the past, it is very likely to expect this botnet to reappear in the Slovak cyberspace as well. What is EMOTET? EMOTET malware is considered...

One ransomware gang ends, while another one apologises to the royal family. Two independent groups managed to break the protection of PlayStation 5 console on the same day and Microsoft patched a zero-day vulnerability. Successful hacking contest The hacking contest Zero Day Initiative’s Pwn2Own conducted in Texas City of Austin led to detection of 61...

The National Cyber Security Centre SK-CERT warns against fraudulent e-mails designed to give the impression that they are sent by the Ministry of Finance of the Slovak Republic. The e-mail promises a refund. This is a large-scale phishing campaign. It abuses claims that are not based on truth. A real aim of the campaign is...

Acer Company that manufactures laptops has not been lucky in the cybersecurity field recently. However, this can also be said about the REvil ransomware gang whose website has been inaccessible. 42nd week also brought interesting surveys, one of which says that sometimes we are too cautious. Acer again under attack Acer, PC and Device Maker,...

Europe is preparing a new regulation. This time for domain registration. REvil is behind most of ransomware attacks, but Pacific City Bank was attacked by AvosLocker ransomware. However, there are also good news – Security Service of Ukraine arrested another cybercriminal. Odd practices in Apple Apple has again silently fixed a zero-day vulnerability with the...

October is the month of cyber security; a new ransomware has been found; and today, malware is sold very cheaply.  In addition, a former member of the REvil group is arguing with his former colleagues for money and young cybersecurity talents were competing in Prague. Cybersecurity month has started As every year, also this October...

Apple has not been able to update the Finder; cybercriminals are being associated with Mafia and the data leaks continue. There also appeared a manual of Conti ransomware attack and finally one attacker got into jail for his role in a seven-year scheme. Botched update In the latest macOS Big Sur update, Apple tried to...

The National Cyber Security Centre SK-CERT warns of critical vulnerabilities in SAP products. SAP is one of the largest software manufacturers in the world. Its products focus mainly on customer relationship management, supply chain management, human resources, expenditure management and other areas. Software solutions from SAP are used worldwide not only in the private but...

On Friday, July 2, in the evening, the world was shaken by a massive ransomware attack targeting a remote server management application called the Kaseya Virtual Server Administrator, used for remote management of end user stations [1]. It is not uncommon that the major attack took place just before the Fourth of July holiday with a shorter...

The cybercriminal group REvil seems unstoppable and is beginning to realize its value. After the attack on hundreds of companies, they demand a record amount as a ransom. After the ransomware attacks on Irish hospitals and healthcare organisations, state budget reserves are likely to be depleted due to bailout provision.  Recently, however, security forces have...

On 1 July, the US National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the British National Cyber Security Centre (NCSC) issued a joint security recommendation containing information on malicious activities of the Russian military intelligence service GRU, which started in 2019 and continues to this...

The National Cyber Security Centre SK-CERT warns against the ongoing campaign that abuses the identity of Slovenská pošta. The campaign is currently running via SMS messages (also called smishing). However, the attacker may also abuse other forms of communication (e.g. e-mails). This is a large-scale phishing campaign. It uses statements that are not based on...

Another massive leak from LinkedIn social network can be added to a huge data leak of April this year. Data from more than 700 million users of this social network has leaked and has been put up for sale on the black market at this time. LinkedIn has approximately 756 million users, this would mean...

A new, already the fourth version of the Global Cybersecurity Index (GCI) published by the International Telecommunication Union, has been released. The Slovak Republic has again moved significantly up. In 2018 it was ranked 45th, while in a new version of the index dated from 2020 it has reached 34th place with a total score...

The National Cyber Security Centre SK-CERT warns against a fraudulent campaign. The actors pretend to be police officers and contact their victims by phone. They try to extract various data from them – including personal and access data. In this campaign, the attacker introduces himself as the police and after an initial talk, the victim...

The National Cyber Security Centre SK-CERT once again warns of another 0-day vulnerability in Google Chrome browser, which allows an attacker to remotely execute malicious code. Google Chrome is one of the most widely used web browsers available on most devices that users use for website browsing. On 17 June, Google released an update of...

The National Cyber Security Centre SK-CERT warns of 0-day vulnerabilities in the iOS operating system for older Apple devices in version 12.5.3, which allow an attacker to remotely execute arbitrary code. According to available information, vulnerability is being actively exploited by attackers. Apple also uses older versions of the iOS operating system on its older...

Attackers in cyberspace are constantly looking for ways to extract information or money from their victims. Perhaps, the most popular way is phishing, i.e. fraudulent messages, in which the attacker tricks the victim into handing over financial or personal data. Phishing can take many forms – via e-mails, chat services and even phone calls. However,...

State, private and foreign Indian companies, will have to focus and start working on security procedures. At Boeing, developers will have to buy calendars to see what decade they have been making the software for. A notorious DarkSide group has recently attacked the British Isles and demands a big ransom. The court has put the...

It is certainly not necessary to explain again what ransomware is. In short, it is a malicious activity that leads to encryption of data (disks, and with poorly designed infrastructure even of backups if they exist). Subsequently, the attacker blackmails the victim and asks to pay a certain amount (so-called ransom) most often in bitcoins...

Attacks that abuse the identity of the Financial Administration are constantly continuing. The National Cyber Security Centre SK-CERT has again detected an increased incidence of phishing e-mails that have the same method of execution. The attacker uses a new domain hXXps://earl-cherpeau[.]fr The National Cyber Security Centre SK-CERT, in cooperation with the Financial Administration, warns against...

A pleasant driving of Tesla can be interrupted by a person who is not even present in the car. Popular electric cars have another vulnerability under the bonnet. Amazon, IT giant, is in a similar situation. Filipino solicitor-general’s office will probably draw a lesson for the future and will reply to e-mails from the United...

The National Cyber Security Centre SK-CERT warns against a large-scale fraudulent campaign conducted through phone calls. The principle of this campaign is to extract different data from the victim, including personal and access data, through phone calls (so-called phishing/vishing). A phone call from an attacker (regardless of where the phone call really comes from) appears...

The United States went through a big data robbery. The data of almost every American appeared on the hacking forum. Millions of users of a certain Indian online store have a similar problem. Hackers have also targeted Washington police officers, and there is a risk that the local police will have major problems in the...

URGENT: Warning against fraud abusing the identity of tercio.sk The National Cyber Security Centre SK-CERT (hereinafter referred to as SK-CERT) warns against fraudulent e-mails designed to give the impression that their sender is the operator of the Internet store tercio.sk. The e-mail promises a refund. Based on SK-CERT activities and in cooperation with partners, it...

The United States’ National Security Agency  (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) jointly issued a common Cybersecurity Advisory directly attributing the exploitation of multiple vulnerabilities for conducting attacks against US targets and allied networks to the Russian Foreign Intelligence Service (SVR). In the report, the agencies stated that...

Updated on 21 April 2021 – extended IOC List To the warning of 16.04.2021, the National Cyber Security Centre SK-CERT (hereinafter referred to as SK-CERT) publishes the following additional information and technical identifiers: SK-CERT observed in a short time sequence ransomware infections in a number of organisations in IT sectors of public administration, telecommunications, energy...

The National Cyber Security Centre SK-CERT has recorded an increased incidence of significant and successful ransomware attacks in Slovakia. Recently, similar activities have intensified in the Central Europe. The National Security Authority (hereinafter referred to as NSA) warns companies and institutions to secure and make a backup of their systems without delay. If they neglect...

The National Cyber Security Centre SK-CERT (hereinafter referred to as SK-CERT) warns against nine vulnerabilities in DNS implementations that allow attackers to render the service unavailable (DoS) and to execute any code. Vulnerabilities reported as NAME:WRECK, can be found: in popular open-source operating system FreeBSD, which is used, for example, for high-performance servers in millions...

It seems that the second week in April has been the worst week for social media platforms in terms of data leaks. It looks like now, just a few days after a billion LinkedIn and Facebook profiles leaked, it is the upstart platform Clubhouse’s turn. 1.3 million user records leaked from this platform. The leaked...

Trust but verify On the Internet, paranoia in healthy moderation is required. Either it is a webpage, a message on a social media platform or an e-mail, always keep in mind that you do not know who can sit on the other side, especially for an “offer you can’t refuse”. Password manager Although the word...

The Internet is a place of unlimited possibilities. People are spending more and more time behind a computer or mobile phone, what is not necessarily linked to the fact that most of the activities, both work and private, have moved to online space during the COVID-19 pandemic. Today, the Internet is one of the most...

The number of vulnerability victims in enterprise content firewall Accellion is constantly increasing. Most recently, a Canadian airplane maker has been targeted. Hackers also targeted Microsoft’s e-mail accounts, whilst in other case Microsoft quite richly rewarded a security researcher. A Finnish company also had to disconnect its services and dozens of nurseries in Britain renounced...

In retrospect of the year 2020 it is obviously necessary to mention all the circumstances brought about by the pandemic. With the number of changes in social or economic life, the circumstances have also caused the emergence of lots of still unknown challenges, doubts and problems. From the point of view of cybersecurity, the most...

The National Cyber Security Centre SK-CERT (hereinafter referred to as “SK-CERT”) warns of critical vulnerabilities in Microsoft Exchange Server product. The attacker can use these vulnerabilities to execute a malicious code, take control of a vulnerable system and access sensitive information. Abuse is possible without knowledge of the login name and password. These vulnerabilities are...

South Korea has caught its neighbour in the act again, a leading car maker in the country far beyond the ocean is experiencing worries “costing several millions” and the first malware optimised for Apple Silicon processors has emerged. The Ukrainian security authorities have had a successful intervention and the Dutch Police have issued a warning...

You will learn about an attempt to attack drinking water supply in the USA, as well as a popular android application or a streaming service Spotify. Security authorities have solved several successful cases, and North Korean hackers can say likewise, because they have enriched the state budget by hundreds of millions of dollars in cryptocurrencies....

If anyone thought that we would no longer hear about the Solar Winds vulnerability case and that we are out of the woods, they were very wrong. A number of attackers has begun to exploit it. In the fifth week, ransomware attacks dominated, often without knowing the attacker and his ransom demands. On the contrary,...

In the fourth week of this year, at least on the surface, the security authorities’ achievements seemed to outweigh the successes of the attackers. Apple has successfully fixed a serious vulnerability exploited by the attackers, Proofpoint researchers have published a research on banking Trojan DanaBot and organisations haven’t again avoided ransomware attacks of a larger...

Hackers staked on a new, relatively cheap and efficient Trojan horse. Attackers tried to get data from Netflix users on the British Isles. However, the other side of the fence was also successful. Interpol has identified app fraudsters, several countries have successfully intervened against the dark web platform, and important leaks in the UN have...

The National Cyber Security Centre SK-CERT warns of critical vulnerabilities in Zyxel firewalls, VPN gateways and AP controllers that can grant a remote attacker root access to vulnerable devices. The vulnerability affects more than 100 000 Zyxel devices. The vulnerability tracked as CVE-2020-29583, is based on fact that the devices have a hidden, hardcoded admin-level...

Currently, a lot is being written about Chinese IT companies. They are the subject of suspicion of our intelligence services too, in implementing 5G technologies. Even the latest findings won’t help the damaged reputation of Huawei company. The Chinese IT giant has cooperated with security suppliers to develop surveillance products, some of which may serve...

Several banks faced a sophisticated attack; the American school didn’t avoid ransomware; and the attackers targeted logistics as well. The disadvantages of converting the cybersecurity company to cybercrime company were clear to Canadian company Phantom Secure. Iranian hackers don’t spare Israeli companies; and all that glitters, it’s not Cyberpunk… More in our regular summary. Banks...

In the United States, very serious ransomware attacks on school infrastructure have spread. After October incident at schools in the state of Massachusetts and November incident in Connecticut, there was also reported an incident at schools in Alabama. A cyberattack on the platform provider for on-line learning K12, which decided to pay a ransom to...

While you read the latest news from the world of cybersecurity, the European Union is preparing for great things which have been introduced in a new strategy. The European Commission and the High Representative of the Union for Foreign Affairs and Security Policy Josep Borrell have introduced a “new cybersecurity package”. It contains a new...

The National Cyber Security Centre SK-CERT warns of a critical vulnerability in the SolarWinds Orion system, the software for monitoring and managing IT assets. Therefore, the National Cyber Security Centre SK-CERT recommends to take the following measures immediately: Separate all active SolarWinds Orion services, in any version, from the Internet and internal infrastructure If it...

On-line shopping is a great alternative to going to shops, especially during a pandemic. However, it is also a popular target for Internet scammers. During the holiday season, people are much more prone to be deceived, because they can be easily lured to discounted goods and are also pushed by time – Christmas is just...

Hackers didn’t surprise but confirmed the concerns of the intelligence services. Furthermore, even if you are a company specialized in cybersecurity, it doesn’t mean that you are protected. The proof is the society that has become a target of a sophisticated attack. An incident with delivery services in Russia was unique; the ransomware group published...