IT news and trends

Latest updates and hand-picked resources.

Cyber Threat Intelligence (21)

11.12.2024

Voodoo Bear (APT44 - Part 2)

In summary, it can be said that Voodoo Bear is part of the Russian government's ‘Ministry of Defence’ and is therefore state-sponsored. In addition, many different sectors are targeted by the group.

06.12.2024

Voodoo Bear (APT44 - Part 1)

In modern cyber warfare, digital arsenals are used not only by independent hacker groups; states also deploy these means to enforce their interests.

18.11.2024

Wiper-Ransomware (Part 2)

Wiper is ransomware that pursues destruction as its goal. For example, it deletes the MBR or MFT, overwrites files, or encrypts files and destroys the decryption key.

12.11.2024

Wiper-Ransomware (Part 1)

A wiper is ransomware whose main function is wiping, i.e. deleting or overwriting data, or damaging the MBR (Master Boot Record) or MFT (Master File Table).

01.10.2024

Fancy Bear (APT28)

It is becoming increasingly common for various media outlets to draw attention to Threat Actor attacks. Due to the political situation in different countries, it often happens that politically motivated hacker attacks are hinted at in such reports.

05.08.2024

Cozy Bear (APT29) Constant presences

Alongside Cozy Bear, other groups like APT28 (Fancy Bear), Voodoo Bear, Primitive Bear, and Venomous Bear employ advanced tactics to infiltrate and extract data from their targets.

23.12.2023

CVE-2023-50164 - RCE Vulnerability Apache Struts2

CVE-2023-50164 is a critical vulnerability discovered in Apache Struts 2. This vulnerability is related to a path traversal flaw that allows a remote attacker to upload malicious files to vulnerable servers, potentially leading to Remote Code Execution (RCE) on the target server.

27.11.2023

The LinkedIn Security Breach and the Intricacies of Data Scraping

The 2023 LinkedIn security breach, initially perceived as a significant threat, turned out to be less severe due to the inclusion of many fictitious email addresses. This incident, which involved the extraction of large data sets from LinkedIn, highlights the growing concern around data scraping practices by hackers.

14.09.2023

CVE-2023-38831 & CVE-2023-40477 - WinRAR Zero-days

CVE-2023-38831 identifies a file extension spoofing vulnerability in WinRAR, a popular Windows tool for compressing and decompressing files. This flaw allowed clever individuals to create ZIP or RAR files that appeared ordinary but were structured in a way that concealed malicious code.

31.08.2023

CVE-2023-36741 – Microsoft Edge bug

This is a vulnerability in Microsoft Edge (Chromium-based) that could allow an attacker to elevate their privileges on the affected system. The vulnerability has been assigned a high severity rating with a CVSS score of 8.3, indicating that it poses a significant risk.

23.08.2023

Cyber Briefing 08/2023

We see an increasing demand for information on current CVEs, APTs, malware, etc. The newsletter will be our way to satisfy this demand and focus on threats that are relevant to our customers.

21.08.2023

CVE-2023-35078 - Ivanti zero-day

The cybersecurity landscape has recently been shaken by a significant vulnerability in Ivanti Endpoint Manager Mobile (EPMM), previously known as MobileIron Core. This authentication bypass vulnerability has had a notable impact, affecting 12 ministries in Norway and illustrating its potential for widespread damage.
