On Friday, July 2, in the evening, the world was shaken by a massive ransomware attack targeting a remote server management application called the Kaseya Virtual Server Administrator, used for remote management of end user stations [1]. It is not uncommon that the major attack took place just before the Fourth of July holiday with a shorter...

The cybercriminal group REvil seems unstoppable and is beginning to realize its value. After the attack on hundreds of companies, they demand a record amount as a ransom. After the ransomware attacks on Irish hospitals and healthcare organisations, state budget reserves are likely to be depleted due to bailout provision.  Recently, however, security forces have...

On 1 July, the US National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the British National Cyber Security Centre (NCSC) issued a joint security recommendation containing information on malicious activities of the Russian military intelligence service GRU, which started in 2019 and continues to this...

The National Cyber Security Centre SK-CERT warns against the ongoing campaign that abuses the identity of Slovenská pošta. The campaign is currently running via SMS messages (also called smishing). However, the attacker may also abuse other forms of communication (e.g. e-mails). This is a large-scale phishing campaign. It uses statements that are not based on...

The number of vulnerability victims in enterprise content firewall Accellion is constantly increasing. Most recently, a Canadian airplane maker has been targeted. Hackers also targeted Microsoft’s e-mail accounts, whilst in other case Microsoft quite richly rewarded a security researcher. A Finnish company also had to disconnect its services and dozens of nurseries in Britain renounced...

In retrospect of the year 2020 it is obviously necessary to mention all the circumstances brought about by the pandemic. With the number of changes in social or economic life, the circumstances have also caused the emergence of lots of still unknown challenges, doubts and problems. From the point of view of cybersecurity, the most...

The National Cyber Security Centre SK-CERT (hereinafter referred to as “SK-CERT”) warns of critical vulnerabilities in Microsoft Exchange Server product. The attacker can use these vulnerabilities to execute a malicious code, take control of a vulnerable system and access sensitive information. Abuse is possible without knowledge of the login name and password. These vulnerabilities are...

South Korea has caught its neighbour in the act again, a leading car maker in the country far beyond the ocean is experiencing worries “costing several millions” and the first malware optimised for Apple Silicon processors has emerged. The Ukrainian security authorities have had a successful intervention and the Dutch Police have issued a warning...

You will learn about an attempt to attack drinking water supply in the USA, as well as a popular android application or a streaming service Spotify. Security authorities have solved several successful cases, and North Korean hackers can say likewise, because they have enriched the state budget by hundreds of millions of dollars in cryptocurrencies....

If anyone thought that we would no longer hear about the Solar Winds vulnerability case and that we are out of the woods, they were very wrong. A number of attackers has begun to exploit it. In the fifth week, ransomware attacks dominated, often without knowing the attacker and his ransom demands. On the contrary,...

In the fourth week of this year, at least on the surface, the security authorities’ achievements seemed to outweigh the successes of the attackers. Apple has successfully fixed a serious vulnerability exploited by the attackers, Proofpoint researchers have published a research on banking Trojan DanaBot and organisations haven’t again avoided ransomware attacks of a larger...

Hackers staked on a new, relatively cheap and efficient Trojan horse. Attackers tried to get data from Netflix users on the British Isles. However, the other side of the fence was also successful. Interpol has identified app fraudsters, several countries have successfully intervened against the dark web platform, and important leaks in the UN have...

The National Cyber Security Centre SK-CERT warns of critical vulnerabilities in Zyxel firewalls, VPN gateways and AP controllers that can grant a remote attacker root access to vulnerable devices. The vulnerability affects more than 100 000 Zyxel devices. The vulnerability tracked as CVE-2020-29583, is based on fact that the devices have a hidden, hardcoded admin-level...

Currently, a lot is being written about Chinese IT companies. They are the subject of suspicion of our intelligence services too, in implementing 5G technologies. Even the latest findings won’t help the damaged reputation of Huawei company. The Chinese IT giant has cooperated with security suppliers to develop surveillance products, some of which may serve...

Several banks faced a sophisticated attack; the American school didn’t avoid ransomware; and the attackers targeted logistics as well. The disadvantages of converting the cybersecurity company to cybercrime company were clear to Canadian company Phantom Secure. Iranian hackers don’t spare Israeli companies; and all that glitters, it’s not Cyberpunk… More in our regular summary. Banks...

In the United States, very serious ransomware attacks on school infrastructure have spread. After October incident at schools in the state of Massachusetts and November incident in Connecticut, there was also reported an incident at schools in Alabama. A cyberattack on the platform provider for on-line learning K12, which decided to pay a ransom to...

While you read the latest news from the world of cybersecurity, the European Union is preparing for great things which have been introduced in a new strategy. The European Commission and the High Representative of the Union for Foreign Affairs and Security Policy Josep Borrell have introduced a “new cybersecurity package”. It contains a new...

The National Cyber Security Centre SK-CERT warns of a critical vulnerability in the SolarWinds Orion system, the software for monitoring and managing IT assets. Therefore, the National Cyber Security Centre SK-CERT recommends to take the following measures immediately: Separate all active SolarWinds Orion services, in any version, from the Internet and internal infrastructure If it...

On-line shopping is a great alternative to going to shops, especially during a pandemic. However, it is also a popular target for Internet scammers. During the holiday season, people are much more prone to be deceived, because they can be easily lured to discounted goods and are also pushed by time – Christmas is just...

Hackers didn’t surprise but confirmed the concerns of the intelligence services. Furthermore, even if you are a company specialized in cybersecurity, it doesn’t mean that you are protected. The proof is the society that has become a target of a sophisticated attack. An incident with delivery services in Russia was unique; the ransomware group published...

The National Cyber Security Centre SK-CERT introduces a new activity, the aim of which is to provide a weekly overview of important information in the field of cybersecurity. Its title is “TL; DR” (Too Long; Didn’t Read) and contains brief information from open sources along with a link to the original article. During the 43rd...

The 45th week was also in the spirit of data leaks and ransomware campaigns. Attackers targeted business, medical and technology organizations. A large-scale attack was attributed to the Chinese state-sponsored APT 10 – Cicada. Security researchers from Birmingham managed to revive an old vulnerability of Intel processors, and Facebook fixed a vulnerability in Messenger. China...

In the 46th week, information about the ransomware attack on Senzi TV appeared in the Slovak media world. Together with an attack on the South Korean fashion company E-Land and the crushing financial losses of the French company Sopra Steria, it emphasizes a current trend of using ransomware by cyber attackers. Vulnerabilities in the Sophos...

The last week has brought an exponential growth of ransomware as a threat to all sectors, in particular to a healthcare sector. A data leak resembling the Marriott hotels’ data leak has also become an important topic. More than 10 million user records of the hotel registration service in Spain have been leaked. TrickBot group...

Several Slovak security forces, including the National Security Authority, the Slovak Information Service, the Military Intelligence, as well as the government unit CSIRT.sk, are utilising various mechanisms and procedures of common cyber defence these days together with colleagues from the North Atlantic Treaty Organization. The Cyber Coalition runs from 16 to 20 November and is...

The National Cyber Security Centre SK-CERT introduces a new activity, the aim of which is to provide a weekly overview of important information in the field of cybersecurity. Its title is “TL; DR” (Too Long; Didn’t Read) and contains brief information from open sources along with a link to the original article. In today’s TL;...

The Polish Ministry of Justice, together with the Polish Ministry of Education and other partners, including the National Cyber Security Centre SK-CERT, this year organize an interesting competition in the field of cybersecurity named as 153 + 1. This year, the competition will be organized for the second time. Its main goal is to explain...

Scientists, doctors, immunologists and research laboratories have never been under more pressure than today. The whole world is waiting for the development of the first vital vaccine against Covid-19. However, their work attracts not only the attention of the media, but also hackers. And this year, participants of the Guardians 2020 competition are facing exactly...

As it is used to say, today you can find an application really for everything. Whether you are typing a document on a computer or watching videos on a mobile screen. Each software had to be designed, programmed and also tested. There are many different software products on the market for the same activities, and...

The National Cyber Security Centre SK-CERT warns of an increased activity of phishing attacks aimed at obtaining login data for the Office 365 application package and cloud service, the Microsoft Teams application and the Zoom application. According to a Check Point report, in Q3 2020 Microsoft became the most frequently abused company in phishing attacks[1]....

More than 2.7 billion active users communicate monthly via Facebook, the largest social network worldwide[1]. This makes it one of the most powerful tool for communication between people in the online world. It is used not only for conversations, but also for presentation of products, services and also political opinions and attitudes. This gives many...

In the age of digitization and informatization, there are unusual possibilities of automation and increasing efficiency of processes, which facilitate manufacturing of products or the service providing. However, these advantages also carry the risk of their misuse or compromise. Every organization must have the cybersecurity among its priorities, through which the organization is protected, allowing...

Every organization is just as secure as its weakest part. The experience of many companies shows that employees, either ordinary or management representatives, are often the most vulnerable. Cyberattacks are becoming more and more sophisticated and frequent. Attackers target companies regardless of their size or the sector in which they operate. And therefore, in today’s...

Working for any company and being in any position, believe it or not, you are on the front line in protecting your organization. Therefore, it is important to follow the basic security rules. It is the easiest way to keep your data as well as your organization’s data safe and secure. In the past, particularly...

October is traditionally the cybersecurity month. The European Union through its institutions runs an annual campaign dedicated to promoting cybersecurity among EU citizens and organisations and to raising cybersecurity awareness. This month, hundreds of activities take place across Europe, including trainings, conferences, webinars and presentations; this year mainly in on-line form. Their goal is to...

Cyberspace is at risk again. In the background of the corona crisis, there is an important research of an effective vaccine that would solve many problems, but scientists are not the only ones interested in its development. Various hacking groups want to access sensitive data. And it is your job to protect sensitive data from...

The National Cyber Security Centre SK-CERT (hereinafter referred to as SK-CERT) is participating in the second edition of Blue Olex 2020 exercise.  Member States of the Union take turn to organize this event once a year under the auspices of the European Union Agency for Cybersecurity (ENISA). This year it is the Netherlands which hosts...

The National Cyber Security Centre SK-CERT has recently detected an increase in the spread of malware from the EMOTET campaign in the European as well as the Slovak cyberspace. Malwares from the EMOTET campaign attempt to infiltrate into your computer, steal sensitive and private information, encrypt your data and demand a ransom, as well as...

Warning against misuse of offers for technical support of technology companies Maybe, it happened to you too. You were contacted by a number from another country informing you that your computer is infected and offering you security solutions. But do not be fooled. These scams are constantly gaining momentum, with a large number of people...

The WhatsApp communication application is popular worldwide and used by approximately 1.5 billion users[1]. Its advantage is an easy use and relatively good communication between individual users. However, the vulnerabilities do not avoid even this application, detected in its source code. WhatsApp has issued a warning about 6 critical vulnerabilities that allow: remote code execution...

Responsibility for assessment of cybersecurity auditors in Slovakia was recently taken over by a brand-new Conformity Assessment Body, the Cyber Security Competence and Certification Centre. The point is that along with it: a completely new certification scheme has been introduced. The certification scheme is based on accreditation according to the ISO/IEC 17024 Conformity assessment –...

The National Cyber Security Centre SK-CERT has published a set of basic information for all operators of industrial devices on security of OT systems. Industrial control systems, referred to as OT (operational technology), are an important part of various industrial, energy and operational systems. They are often part of critical infrastructure and for example energy,...

The current situation pushes all of us to use the Internet more than ever. We ourselves, our parents and also our children are in cyberspace every day, for several hours a day. According to data, our children, though not being in isolation, use the Internet more than ever before and this trend shows no signs...

The National Cyber Security Centre SK-CERT has detected a new attack vector, the essence of which is the compromise of the organization by means of tools for remote mobile device management (MDM). Attackers attack MDM through which a malicious code is installed to mobile devices. This results in the collection of sensitive information, such as...

A current situation, connected with the spread of COVID-19, has caused that many people had to change their daily habits and are spending most of their time at home. Many people are engaged in various hobbies that might be limited at the moment, so they try to look for other ways of using their spare...

ENISA and the European Commission published a joint report describing the progress in the implementation of 5G toolbox in Member States. The 5G toolbox was published on 29 January 2020. It contains a common approach to an objective assessment of identified risks and proportionate mitigating measures. Following the release of the toolbox, the Member States...

On 15 July 2020, the National Cyber Security Centre SK-CERT (hereinafter referred to as “SK-CERT”) issued a security warning V20200715-01 about critical vulnerabilities in Microsoft products. The most serious vulnerability, known as “SIGRed”, can completely compromise a computer. Even worse is the fact that a vulnerable Windows DNS Server application is both a core component and an...

Each operator of essential services is obliged to verify that he has effective security measures and meets the essential requirements. A cybersecurity audit is used for this purpose. The operator must be audited within two years since registration. A cybersecurity audit can be performed only by a cybersecurity auditor. The auditor must be certified beforehand...

Today, the National Cyber Security Centre SK-CERT (hereinafter referred to as “SK-CERT”) issued a security warning addressing the vulnerability of SAP products, tracked as CVE-2020-6287[1]. SAP company is one of the largest software manufacturers in the world. Its products focus mainly on management of relations with customers, supply chain management, human resources, expenditure management and...