National CSIRT-CY | National Computer Security Incident Response Team of Cyprus

Several security vulnerabilities found in Qualcomm’s Snapdragon chip Digital Signal Processor (DSP) chip could allow attackers to take control of almost 40% of all smartphones, spy on their users, and create un-removable malware capable of evading detection.

A high-risk vulnerability (CVE-2020-13699) in TeamViewer for Windows could be exploited by remote attackers to crack users’ password and, consequently, lead to further system exploitation.

The plugin also comes with support for chat transcripts and makes it easy to set up auto-replies and FAQs outside working hours to provide visitors with helpful information while the site owner can’t reply.

Twitter today said that the attackers behind this month’s hack were able to take control of high-profile accounts after stealing Twitter employees’ credentials as part of a phone spear phishing attack on July 15, 2020.

Εντοπίστηκε συνεχιζόμενη εκστρατεία ηλεκτρονικού ψαρέματος που εξαπατά τους χρήστες Office 365 για να υποκλέψει τα διαπιστευτήριά τους παρουσιάζοντας πλαστή πύλη σύνδεσης.

A new cryptojacking botnet is spreading across compromised networks via multiple methods that include the EternalBlue exploit for Windows Server Message Block (SMB) communication protocol.

A recently discovered malware framework known as MATA and linked to the North Korean-backed hacking group known as Lazarus was used in attacks targeting corporate entities from multiple countries since April 2018 for ransomware deployment and data theft.

Στο Facebook έχει εντοπιστεί σελίδα με ονομασία «Notification Checking Policy Pages Corporation-Team 2020», όπου με τακτικές ηλεκτρονικού ψαρέματος δημοσιεύει προφίλ δημοσίων προσώπων της Κύπρου με ψευδή σύνδεσμο για πιστοποίηση του λογαριασμού με σκοπό την εξαπάτηση των χρηστών.

Researchers tracking Emotet botnet noticed that the malware started to push QakBot banking trojan at an unusually high rate, replacing the longtime TrickBot payload.