National CSIRT-CY | National Computer Security Incident Response Team of Cyprus

Scammers are targeting website owners with blackmail messages asking them to pay ransoms between €1,500 and €3,000 in bitcoins to avoid having their sites’ databases leaked and their reputation destroyed.

New tools attributed to the Russia-linked Gamaredon hacker group include a module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts.

A vulnerability in the Universal Plug and Play protocol implemented in billions of devices can be exploited to exfiltrate data, turn them into bots for distributed denial-of-service attacks (DDoS), and scan internal networks.

The newly revealed USBCulprit malware is used by a group known as Cycldek, Conimes, or Goblin Panda and is designed for compromising air-gapped devices via USB.

Joomla, one of the most popular Open-source content management systems (CMS), last week announced a new data breach impacting 2,700 users who have an account with its resources directory (JRD) website, i.e., resources.joomla.org.

Apple recently paid Indian vulnerability researcher Bhavuk Jain a huge $100,000 bug bounty for reporting a highly critical vulnerability affecting its ‘Sign in with Apple‘ system.

Classified initially as a malware loader, Valak has morphed into an information stealer that targets Microsoft Exchange servers to rob email login credentials and certificates from enterprises.

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems.

Οι εκστρατείες Phishing εξακολουθούν να χρησιμοποιούν την πανδημία COVID-19 ώστε να ενθαρρύνουν πιθανά θύματα να ακολουθήσουν κακόβουλους συνδέσμους. Σκοπός  τους, η υποκλοπή των διαπιστευτηρίων του χρήστη (username/password) επιτρέποντάς τους να αποκτήσουν πρόσβαση σε λογαριασμούς και δίκτυα που ανήκουν σε άτομα ή/και επιχειρήσεις.

ESET security researchers have discovered a new version of the ComRAT backdoor controlled using the Gmail web interface and used by the state-backed Russian hacker group Turla for harvesting and stealing in attacks against governmental institutions.