The 2024 Olympic Games in Paris are coming soon. A recent cybersecurity assessment by Outpost24, a provider of cyber threat exposure management solutions, has raised concerns about the online infrastructure of the games. Outpost24 has identified critical vulnerabilities in the security posture, despite it being considered “mostly secure”. These vulnerabilities …
Outpost24 report
LockBit’s seized darknet site resurrected by police, teasing new revelations
New information about the LockBit ransomware gang might be coming soon. The gang’s old dark web leak site was taken down by law enforcement in February, but it has now reappeared, hinting at the release of new information in a few days. Several parts of the site were updated on …
GAO: NASA Faces ‘Inconsistent’ Cybersecurity Across Spacecraft
The GAO reviewed NASA’s cybersecurity practices and found that there is a need to update spacecraft acquisition policies and standards. They specifically focused on assessing the cybersecurity requirements in NASA contracts for spacecraft projects. The GAO report reviewed NASA’s spacecraft cybersecurity policies and standards. They looked at three different spacecraft …
Microsoft Outlook Flaw Exploited by APT28 to Compromise Czech, German Entities
On Friday (03.05.2024), the Ministry of Foreign Affairs of the Czech Republic issued a press release highlighting the cyberattack carried out by the Russian actor APT28 on Czechia. The press release reads, “Czechia jointly with Germany, the European Union, NATO and international partners strongly condemns activities of the Russian state-controlled actor APT28, who …
CISA Releases Three Industrial Control Systems Advisories
CISA released three advisories about Industrial Control Systems (ICS) on April 30, 2024. These advisories give current security information, vulnerabilities, and exploits related to ICS. ICSA-24-121-01 Delta Electronics CNCSoft-G2 DOPSoft: Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. ICSA-24-016-01 SEW-EURODRIVE MOVITOOLS MotionStudio (Update A): Successful …
Using Azure Logs to Identify Threats: Insights From Microsoft
Microsoft security experts recently explored how to effectively use Azure Logs to identify and counteract threat actions. Azure’s defense mechanism relies on effectively understanding and using logs to hunt for threats. Microsoft focuses on integrating best practices for log management, analysis, and incident response to stay proactive …
NCSC
NEW UK LAW BANS DEFAULT PASSWORDS ON SMART DEVICES
The UK’s NCSC wants smart device manufacturers to follow a new law banning default passwords. The law, known as the Product Security and Telecommunications Infrastructure Act (or PSTI Act), will be effective on April 29, 2024. “From 29 April 2024, manufacturers of consumer ‘smart’ devices must comply with new UK law.” …
U.S. Releases New AI Security Guidelines for Critical Infrastructure
DHS, together with the Cybersecurity and Infrastructure Security Agency (CISA), has released safety and security guidelines to address AI risks that affect the safety and security of critical infrastructure systems in the US. The guidelines analyze system-level risks in three main categories. Attacks Using AI: The use of AI to enhance, plan, …
Chinese Botnet As-A-Service Bypasses Cloudflare & Other DDoS Protection Services
Earlier this week, EPCYBER identified a large-scale Chinese botnet-as-a-service network consisting of various domains, over 20 active Telegram groups and other domestic communication channels using Chinese infrastructure. It is evident that the methods and botnet developed and used by the group successfully bypass the latest DDoS …
ALERT: SEKOIA REPORT
PlugX Malware Plagues Over 90k IP Addresses over 170 countries
The worm was first discovered in a 2023 post by security firm Sophos. It became active in 2019 when a variant of malware called PlugX added a feature to infect USB drives automatically. This allowed the malware to spread to new machines without needing any user interaction. Sekoia, a European …