National CSIRT-CY | National Computer Security Incident Response Team of Cyprus

The Maze ransomware operators have adopted a tactic previously used by the Ragnar Locker gang; to encrypt a computer from within a virtual machine.

The list of native executables in Windows that can download or run malicious code keeps growing as another one has been reported recently.

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities.

Palo Alto Networks has fixed a new critical vulnerability affecting multiple versions of PAN-OS, the operating system affecting its next-generation firewalls.

Attackers who are actively exploiting a critical remote code execution flaw affecting over 600,000 of WordPress sites running vulnerable File Manager plugin versions have also been seen protecting the sites they compromise from other threat actors’ attacks.

Using standard tactics, the operators of ProLock ransomware were able to deploy a large number of attacks over the past six months, averaging close to one target every day.

A vulnerability exists in certain implementations of Bluetooth 4.0 through 5.0 which allows an attacker to overwrite or lower the strength of the pairing key, giving them access to authenticated services.

The French national cyber-security agency today published an alert warning of a surge in Emotet attacks targeting the private sector and public administration entities throughout the country.

Hackers are actively exploiting a critical remote code execution vulnerability allowing unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable File Manager plugin versions.

Threat researchers discovered a new malware family that is fully focused on getting as much cryptocurrency as possible from its victims. For this purpose, it steals wallets, hijacks transactions, and starts mining on infected machines.