National CSIRT-CY | National Computer Security Incident Response Team of Cyprus

The Cybersecurity and Infrastructure Security Agency (CISA) has added two more security vulnerabilities to its catalog of exploited bugs today.

Thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints remain vulnerable to two critical security flaws disclosed by the company over the last few months.

Malware operators have been increasingly abusing the Google Ads platform to spread malware to unsuspecting users searching for popular software products.

Apple has fixed a vulnerability attackers could leverage to deploy malware on vulnerable macOS devices via untrusted applications capable of bypassing Gatekeeper application execution restrictions.

Apple on rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new zero-day vulnerability that could result in the execution of malicious code.

Cisco has disclosed today a high-severity vulnerability affecting the latest generation of its IP phones and exposing them to remote code execution and denial of service (DoS) attacks.

Cybersecurity researchers have discovered a security vulnerability that exposes cars from Honda, Nissan, Infiniti, and Acura to remote attacks through a connected vehicle service provided by SiriusXM.

Σύμφωνα με ερευνητές, χάκερ εκμεταλλεύονται μια δημοφιλή πρόκληση του TikTok για να εξαπατήσουν τους χρήστες ώστε να κατεβάσουν κακόβουλο λογισμικό που υποκλέπτει πληροφορίες.

The 'iSpoof' online spoofing service has been dismantled following an international law enforcement investigation that also led to the arrest of 146 people, including the suspected mastermind of the operation.

The notorious Emotet malware has returned with renewed vigor as part of a high-volume malspam campaign designed to drop payloads like IcedID and Bumblebee.

Multiple security vulnerabilities have been disclosed in F5 BIG-IP and BIG-IQ devices that, if successfully exploited, to completely compromise affected systems.

Citrix has released security updates to address a critical authentication bypass flaw in the application delivery controller (ADC) and Gateway products that could be exploited to take control of affected systems.

The threat actor behind the RomCom RAT (remote access trojan) has refreshed its attack vector and is now abusing well-known software brands for distribution.

Οι χάκερ χρησιμοποιούν μια άγνωστη μέχρι σήμερα μορφή spyware που ονομάζεται SandStrike, η οποία διανέμεται μέσω μιας κακόβουλης εφαρμογής VPN, για να στοχεύσουν χρήστες Android.

Με την υποστήριξη της Eurojust και της Europol, οι Γαλλικές αρχές, σε συνεργασία με τη Λετονία και την Ισπανία, ανέλαβαν δράση κατά μιας ομάδας οργανωμένου εγκλήματος που χρησιμοποιούσε κακόβουλο λογισμικό για την αντιγραφή κλειδιών και την κλοπή αυτοκινήτων στη Γαλλία.

Almost 900 servers have been hacked using a critical Zimbra Collaboration Suite (ZCS) vulnerability, which at the time was a zero-day without a patch for nearly 1.5 months.

Η Meta μήνυσε αρκετές κινεζικές εταιρείες όπως HeyMods, Highlight Mobi και HeyWhatsApp για την ανάπτυξη και την υποτιθέμενη χρήση "ανεπίσημων" εφαρμογών WhatsApp Android για την κλοπή πάνω από ένα εκατομμύριο λογαριασμών WhatsApp από τον Μάιο του 2022.

WhatsApp has released security updates to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices.

Η δημοφιλής υπηρεσία streaming Netflix με πάνω από 220 εκατομμύρια συνδρομητές επί πληρωμή αποτελεί μεγάλη πρόκληση για τα κακόβουλα άτομα (hackers).

A decryptor for the LockerGoga ransomware has been made available by Romanian cybersecurity firm Bitdefender in collaboration with Europol, the No More Ransom project, and Zurich law enforcement authorities.