February 22, 2025

Countermeasures Against DDoS Attacks NISC

Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) took a significant step to bolster global cybersecurity defenses against Distributed Denial-of-Service (DDoS) attacks, particularly those targeting edge devices. Collaborating with international partners, NISC co-published a comprehensive document titled “Mitigation Strategies for Edge Devices,” originally authored by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).This joint advisory, […]
February 10, 2025

Kazakhstan to audit foreign ministry after suspected Russia-linked cyberattack

The government of Kazakhstan announced a comprehensive audit of its Ministry of Foreign Affairs in response to a significant cybersecurity breach believed to be orchestrated by Russia-linked threat actors. The cyberattack, which reportedly targeted internal communications and sensitive diplomatic data, raised immediate concerns regarding national security and the integrity of Kazakhstan’s foreign policy apparatus.According to official statements released by the […]
February 4, 2025

DeepSeek AI tools impersonated by infostealer malware on PyPI

Cybersecurity researchers identified that threat actors had uploaded multiple packages impersonating legitimate tools developed by DeepSeek, a prominent company known for its advanced artificial intelligence models. The malicious packages were crafted to closely resemble genuine DeepSeek AI utilities, leveraging nearly identical names and descriptions. Unsuspecting developers who installed these packages unknowingly activated a stealthy infostealer malware designed to harvest sensitive […]
February 2, 2025

Casio UK online store hacked to steal customer credit cards

Casio Computer Co., Ltd., a globally recognized manufacturer of electronic products, confirmed that its UK online store was the target of a sophisticated cyberattack aimed at stealing customer payment information. The breach, which specifically affected the e-commerce segment of Casio’s UK operations, raised serious concerns about the security of online retail platforms and the safety of consumer financial data.According to […]
January 26, 2025

Hackers impersonate Ukraine’s CERT to trick people into allowing computer access

Concerning development in the cyber threat landscape, malicious actors have launched a sophisticated social engineering campaign by impersonating Ukraine’s Computer Emergency Response Team (CERT-UA). The attackers are leveraging the trusted reputation of CERT-UA to deceive victims into granting unauthorized access to their computer systems.According to cybersecurity analysts, this campaign began circulating in late December 2024 and gained significant traction in […]
January 22, 2025

Oracle To Address 320 Vulnerabilities in January Patch Update

Oracle Corporation announced a significant security release as part of its scheduled Critical Patch Update (CPU), aimed at addressing 320 newly discovered vulnerabilities across its extensive suite of products. This comprehensive update, in line with Oracle’s quarterly patch cycle, underscores the company’s continued commitment to enhancing the security posture of its enterprise solutions.The January CPU covers a broad spectrum of […]
January 14, 2025

Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces

On January 14, 2025, Fortinet publicly disclosed a critical zero-day vulnerability, CVE-2024-55591, affecting its FortiOS and FortiProxy products. This vulnerability allows unauthenticated remote attackers to gain super-admin access to affected systems by exploiting a flaw in the WebSocket interface of the web management portal. The issue is particularly dangerous for firewalls with exposed management interfaces accessible over the Internet.The vulnerability […]
December 25, 2024

UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware

The threat actor identified as UAC-0099 has been associated with ongoing cyberattacks targeting Ukraine, some of which exploit a critical vulnerability in WinRAR to deploy a malware variant known as LONEPAGE. According to cybersecurity firm Deep Instinct, “The threat actor primarily focuses on Ukrainian employees working for foreign companies.” This observation was made in a report published on Thursday. UAC-0099 […]
December 15, 2024

Over 25,000 SonicWall VPN Firewalls exposed to critical flaws

A recent analysis by cybersecurity firm Bishop Fox uncovered that over 25,000 publicly accessible SonicWall SSLVPN devices are vulnerable to critical security flaws, with 20,000 running outdated SonicOS/OSX firmware that is no longer supported by the vendor. The study identified a total of 430,363 publicly exposed SonicWall firewalls, significantly expanding the potential attack surface for cyber threats. Many of these […]
123456789101112131415161718192021222324252627282930313233
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.