サイバーヴィッシュ テクノロジーなどに関する最新の洞察とトレンド テクノロジー
サイバーセキュリティ

CDSL services down due to cyber attacks

CDSL services down due to cyber attacks Settlement services at Central Depository Services (India), the country’s largest depository by way of active demat accounts, were affected on Friday due to cyber attacks. Brokers said services such as pay-in, pay-out, pledge, or unpledged securities for margin were down due to system failure at the CDSL. However, trading was not affected, they added. CDSL, in a press release, said it has detected malware in a few of its internal machines. “As a matter of abundant caution, the company immediately isolated the machines and disconnected itself from other constituents of the capital market,” CDSL said. A malware attack is a cyberattack where malicious […]

続きを読む
サイバーセキュリティ

Facebook Recently Became the Number 1 “Surprise Package” Box

Facebook Tool Lets Users Remove Their Email or Phone Number Shared by Others Facebook, the widely used social app , appears to have silently rolled out a tool that allows users to remove their contact information, such as phone numbers and email addresses, uploaded by others. Facebook has Recently gifted a “Surprise package” by rolling out a new tool. The existence of the tool, which is buried inside a Help Center page about “Friending,” was first reported by Business Insider last week. It’s offered as a way for “Non-users” to “exercise their rights under applicable laws”. An Internet Archive search via the Wayback Machine shows that the option has been […]

続きを読む
サイバーセキュリティ

Hackers sending govt officials phishing mails for T-20 World Cup bets, claims cybersecurity firm

Phishing Emails related to T-20 are sent to government officials Cyberattacks are occurring almost everyday. News of cyberattacks are now like morning tea. This time the hackers have been targeting senior government officials with phishing emails related to the ongoing T-20 World Cup in Australia, claiming to know who will win the tournament and tempting them to place bets. Sectrio, the cybersecurity division of Bengaluru-based telecom analytics firm Subex, said in a blog Thursday that it had found at least 20 emails over the past two weeks “.. targeted at senior executives from the government, manufacturing, oil and gas, healthcare, and utility sectors”. Subex rebranded its cybersecurity division Sectrio in […]

続きを読む
サイバーセキュリティ

Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer

29 Packages in Python Package Index have been uncovered. Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI) which is the official third-party software repository for the Python programming language. The researchers have found out that the Packages aim to infect developers’ machines with a malware called W4SP Stealer. “The main attack seems to have started around October 12, 2022, slowly picking up steam to a concentrated effort around October 22,” software supply chain security company Phylum said in a report published this week. The list of offending packages is as follows: typesutil, typestring, sutiltype, duonet, fatnoob, strinfer, pydprotect, incrivelsim, twyne, pyptext, installpy, faq, colorwin, requests-httpx, colorsama, shaasigma, […]

続きを読む
サイバーセキュリティ

Links between Black Basta Ransomware and FIN7 Hackers have been found by researchers

A new analysis of tools has identified ties between Black Basta Ransomware and the FIN7 (aka Carbanak) group. “This link could suggest either that Black Basta and FIN7 maintain a special relationship or that one or more individuals belong to both groups,” cybersecurity firm SentinelOne said in a technical write-up shared with The Hacker News. Black Basta, which emerged earlier this year, has been attributed to a ransomware spree that has claimed over 90 organizations as of September 2022. This suggests that the adversary is both well-organized and well-resourced. One notable aspect that makes the group unique, is the fact that there have been no signs of its operators attempting […]

続きを読む
サイバーセキュリティ

Unofficial Patch Released for New Actively Exploited Windows MotW Vulnerability

An unofficial patch has been made available for an actively exploited security flaw in Microsoft Windows The newly released patch makes it possible for files signed with malformed signatures to sneak past Mark-of-the-Web (MotW) protections. A week ago,d HP Wolf Security disclosed a Magniber ransomware campaign that targets users with fake security updates which employ a JavaScript file to proliferate the file-encrypting malware. After the disclosure of Magniber was done,the fix was released by 0patch. While files downloaded from the internet in Windows are tagged with a MotW flag to prevent unauthorized actions, it has since been found that corrupt Authenticode signatures can be used to allow the execution of […]

続きを読む
サイバーセキュリティ

Fodcha DDoS Botnet Resurfaces with New Capabilities

The threat actor behind the Fodcha distributed denial-of-service botnet has reemerged with new capabilities. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a target, Qihoo 360’s Network Security Research Lab said in a report published last week. Earlier this April, Fodcha first came to light, with the malware propagating through known vulnerabilities in Android and IoT devices as well as weak Telnet or SSH passwords.The cybersecurity company said that Fodcha has evolved into a large-scale botnet with over 60,000 active nodes and 40 command-and-control (C2) domains that can “easily generate more than 1 Tbps traffic.” Peak […]

続きを読む
サイバーセキュリティ

High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices

Juniper Junos OS suffered several security flaws, some of which could be exploited to achieve code execution. Chief among them is a remote pre-authenticated PHP archive file deserialization vulnerability (CVE-2022-22241, CVSS score: 8.1) in the J-Web component of Junos OS, according to Octagon Networks researcher Paulos Yibelo. “This vulnerability can be exploited by an unauthenticated remote attacker to get remote phar files deserialized, leading to arbitrary file write, which leads to a remote code execution (RCE),” Yibelo said in a report. Also identified are five other issues, which are listed as follow – CVE-2022-22242 (CVSS score: 6.1) – A pre-authenticated reflected XSS on the error page (“error.php”), allowing a remote […]

続きを読む
未分類

Largest EU copper producer Aurubis suffers cyberattack

Aurubis which is German copper producer suffers cyberattack German copper producer Aurubis ,which is Europe’s largest copper producer and the world’s second largest, has announced that it suffered a cyberattack that forced it to shut down IT systems to prevent the attack’s spread. Aurubis with 6,900 employees worldwide, and produces one million tonnes of copper cathodes yearly. In an announcement published on their website, Aurubis says they shut down various systems at their locations but that it has not impacted production. “The production and environmental protection facilities at the smelter sites are running, and incoming and outgoing goods are also being maintained manually,” comments Aurubis’ announcement. At this time, the […]

続きを読む
記事 ヒントとコツ トレンド

SWIGGY OR ZOMATO? WHICH ONE TO CHOOSE? GOOD FOOD ? GREAT DISCOUNTS ? 50% OR MORE ?

Food delivery apps (Swiggy & Zomato) have made our lives so much easier that these same apps have become a part of our daily go-to-life. Earlier were the days, when you were hungry and craved for something tasty, you needed to go to the restaurant or cook something boring at home but time has changed and days have progressed with the aid of technology. Food delivery apps come in handy in such situations. All you need to do is switch on the app, browse through the menu, and order it and bingo! Your order is ready.   But, if you need to choose between Swiggy and Zomato, which one would […]

続きを読む