English News

New nation-state cyberattacks

New nation-state cyberattacks

Today, we’re sharing information about a state-sponsored threat actor identified by the Microsoft Threat Intelligence Center (MSTIC) that we are calling Hafnium. Hafnium operates from […]
ENISA and CERT-EU sign Agreement to start their Structured Cooperation

ENISA and CERT-EU sign Agreement to start their Structured Cooperation

The European Union Agency for Cybersecurity (ENISA) and the Computer Emergency Response Team for the EU Institutions, Bodies and Agencies (CERT-EU) are pleased to announce […]
Firewall Vendor Patches Critical Auth Bypass Flaw

Firewall Vendor Patches Critical Auth Bypass Flaw

Cybersecurity firm Genua fixes a critical flaw in its GenuGate High Resistance Firewall, allowing attackers to log in as root users. According to Genua. GenuGate […]
Hackers release a new jailbreak tool for almost every iPhone

Hackers release a new jailbreak tool for almost every iPhone

An iPhone hacking team has released a new jailbreak tool for almost every iPhone, including the most recent models, by using the same vulnerability that […]
Far-Right Platform Gab Has Been Hacked – Including Private Data

Far-Right Platform Gab Has Been Hacked – Including Private Data

The transparency group DDoSecrets says it will make the 70GB of passwords, private posts, and more available to researchers, journalists, and social scientists. https://www.wired.com/story/gab-hack-data-breach-ddosecrets/ https://ddosecrets.com/wiki/GabLeaks […]
China-linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions

China-linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions

This report details a campaign conducted by a China-linked threat activity group, RedEcho, targeting the Indian power sector. The activity was identified through a combination […]
NSA Releases Guidance on Zero Trust Security Model

NSA Releases Guidance on Zero Trust Security Model

The National Security Agency (NSA) has released Cybersecurity Information Sheet: Embracing a Zero Trust Security Model, which provides information about, and recommendations for, implementing Zero […]
North Korean Hackers Targeting Defense Firms with ThreatNeedle Malware

North Korean Hackers Targeting Defense Firms with ThreatNeedle Malware

A prolific North Korean state-sponsored hacking group has been tied to a new ongoing espionage campaign aimed at exfiltrating sensitive information from organizations in the […]
Hypervisor Jackpotting: CARBON SPIDER and SPRITE SPIDER Target ESXi Servers With Ransomware to Maximize Impact

Hypervisor Jackpotting: CARBON SPIDER and SPRITE SPIDER Target ESXi Servers With Ransomware to Maximize Impact

Targeted large-scale ransomware campaigns, referred to as big game hunting (BGH), remained the primary eCrime threat to organizations across all sectors in 2020. The relentless […]
NPower cyber attack – customers warned personal details may have been breached

NPower cyber attack – customers warned personal details may have been breached

The firm, owned by E.ON – one of the UK’s big six energy suppliers – has not revealed how many people may have been affected […]
Cybersecurity for 5G: ENISA Releases Report on Security Controls in 3GPP

Cybersecurity for 5G: ENISA Releases Report on Security Controls in 3GPP

The European Union Agency for Cybersecurity (ENISA) provides authorities with technical guidance on the 5G Toolbox measure for security requirements in existing 5G standards. The […]
CrowdStrike Slams Microsoft Over SolarWinds Hack

CrowdStrike Slams Microsoft Over SolarWinds Hack

CrowdStrike’s chief executive George Kurtz said the hackers were able to exploit Microsoft’s overly complicated and „antiquated“ architecture. “The threat actor took advantage of systemic […]
The Untold History of America’s Zero-Day Market

The Untold History of America’s Zero-Day Market

The lucrative business of dealing in code vulnerabilities is central to espionage and war planning, which is why brokers never spoke about it—until now. https://www.wired.com/story/untold-history-americas-zero-day-market/ […]
China Hijacked an NSA Hacking Tool in 2014—and Used It for Years

China Hijacked an NSA Hacking Tool in 2014—and Used It for Years

The hackers used the agency’s EpMe exploit to attack Windows devices years before the Shadow Brokers leaked the agency’s zero-day arsenal online. More than four […]
Modlishka – The Tool That Can Bypass Two-Factor Authentication Via Phishing

Modlishka – The Tool That Can Bypass Two-Factor Authentication Via Phishing

While most users consider two-factor authentication a security measure to protect accounts, a researcher has proved otherwise. The researcher has simply deployed the tool online […]
Guidelines for Securing the Internet of Things

Guidelines for Securing the Internet of Things

This ENISA study defines guidelines for securing the supply chain for IoT. ENISA with the input of IoT experts created security guidelines for the whole […]