CyberVish Die nuutste insigte en neigings oor tegnologie en meer Kuber sekuriteit
Artikels Kuber sekuriteit Tegnologie

Kuberkrakers het Microsoft OAuth-toepassings misbruik om korporatiewe e-posrekeninge te skend

Microsoft het Dinsdag aangekondig dat hy stappe gedoen het om valse Microsoft Partner Network (MPN)-rekeninge wat gebruik is om skadelike OAuth-toepassings te bou, te deaktiveer as deel van 'n uitvissingsveldtog wat bedoel is om wolkomgewings van ondernemings te infiltreer en e-pos te steel. Die IT-maatskappy het beweer dat die bedrieglike akteurs “toepassings gebou het wat daarna […]

Lees meer
Artikels Kuber sekuriteit

Microsoft raai gebruikers aan om hul Exchange-bedieners op datum te hou en ook voorsorgmaatreëls te tref

Microsoft raai gebruikers aan om hul Exchange-bedieners op datum te hou, asook om voorsorgmaatreëls te tref, soos die aanskakel van Windows Uitgebreide Beskerming en die opstel van sertifikaat-gebaseerde ondertekening van PowerShell serialisering loonvragte. Die sagtewarereus se Exchange-span het in 'n plasing gesê dat aanvallers wat probeer om onverwerkte Exchange-bedieners te teiken, nie sal stop nie. Die waarde van onverwerkte […]

Lees meer
Artikels Kuber sekuriteit Tegnologie

Britse kuberagentskap waarsku teen Russiese en Iranse hackers wat sleutelbedrywe teiken

Die Britse nasionale kuberveiligheidsentrum (NCSC) het Donderdag 'n waarskuwing uitgereik oor spiesvissery-aanvalle wat deur staatsgesteunde akteurs in Iran en Rusland uitgevoer is. SEABORGIUM (ook bekend as Callisto, COLDRIVER en TA446) en APT42 is deur die agentskap geblameer vir die inbrake (ook bekend as ITG18, TA453 en Yellow Garuda). Ten spyte van die parallelle in die maniere waarop die […]

Lees meer
Artikels Kuber sekuriteit Tegnologie

Meer as 4 500 Worldpress-werwe is gekap om besoekers na sketsagtige advertensiebladsye te herlei

'n Massiewe veldtog het meer as 4 500 WordPress-webwerwe besmet as deel van 'n lopende operasie wat geglo word sedert 2017 aktief te wees. Volgens eienaar van Godadddy, Sucuri behels die infeksies die inspuiting van 'n JavaScript wat op 'n domein genaamd "track[.] aangebied word. violetlovelines[.]com wat ontwerp is om besoekers na sommige ongewenste werwe te herlei. Die nuutste […]

Lees meer
Artikels Kuber sekuriteit Tegnologie

Chinese kuberkrakers gebruik Golang-wanware in Dragon Spark-aanvalle

Organizations in East Asia are targeted by likely Chinese-speaking actor dubbed DragonSpark while employing uncommon tactics to go past security layers. Chinese hackers utilize malware and attacks are characterized by use of open source SparkRAT and malware which attempts to evade detection through a Golang source code interpretation. A striking aspect of the intrusions is […]

Lees meer
Artikels Kuber sekuriteit Tegnologie

Emotet Malware Makes a Comeback with New Evasion Technique

The Emotet malware operation has continued to refine its tactics in a effort to fly under the radar while acting as a conduit for other dangerous malware such as Bumblebee and IcedID. Emotet which is officially reemerged in late 2021 after which a coordinated takedown of its infrastructure by authorities earlier that year which has […]

Lees meer
Artikels Kuber sekuriteit Tegnologie

Apple issues Update for older Devices

Apple has fixes for a recently disclosed critical security flaw that is affecting older devices which is reciting evidence of active exploitation. The issue which is tracked as CVE-2022-42856 and is a type confusion vulnerability in the WebKit browser engine that could result in arbitrary code execution when processing maliciously crafted web content. While it […]

Lees meer
Artikels Kuber sekuriteit Tegnologie

Samsung Galaxy Store App Vulnerable to Sneaky App Install

Two security flaws has disclosed in Samsung’s Galaxy Store app for Android that are exploited by a local attacker to install arbitrary apps to fraudulent landing pages on the web. The issues that tracked as CVE-2023-21433 and CVE-2023-21434, were discovered by NCC Group which is notified to the South Korean chaebol in November and December […]

Lees meer
Kuber sekuriteit Tegnologie

Chinese Hackers Exploited Recent Fortinet Flaw

Suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks which are targeting a European government entity and a managed service provider (MSP)that is located in Africa. Telemetry evidence gathered by Google-owned Mandiant indicates that the exploitation is occurred as early as October 2022which is at least […]

Lees meer
Artikels Kuber sekuriteit Tegnologie

Warning for Android Users,New Hook Malware with RAT Capabilities Emerges

The threat actor behind the BlackRock and ERMAC Android banking trojans has uncovered yet another malware for rent called Hook which introduces new capabilities to access files that are stored in the devices and create a remote interactive session. Hook as a novel ERMAC fork which is advertised for sale for $7,000 per month while […]

Lees meer