February 22, 2025

Countermeasures Against DDoS Attacks NISC

Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) took a significant step to bolster global cybersecurity defenses against Distributed Denial-of-Service (DDoS) attacks, particularly those targeting edge devices. Collaborating with international partners, NISC co-published a comprehensive document titled “Mitigation Strategies for Edge Devices,” originally authored by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).This joint advisory, […]
February 10, 2025

Kazakhstan to audit foreign ministry after suspected Russia-linked cyberattack

The government of Kazakhstan announced a comprehensive audit of its Ministry of Foreign Affairs in response to a significant cybersecurity breach believed to be orchestrated by Russia-linked threat actors. The cyberattack, which reportedly targeted internal communications and sensitive diplomatic data, raised immediate concerns regarding national security and the integrity of Kazakhstan’s foreign policy apparatus.According to official statements released by the […]
February 4, 2025

DeepSeek AI tools impersonated by infostealer malware on PyPI

Cybersecurity researchers identified that threat actors had uploaded multiple packages impersonating legitimate tools developed by DeepSeek, a prominent company known for its advanced artificial intelligence models. The malicious packages were crafted to closely resemble genuine DeepSeek AI utilities, leveraging nearly identical names and descriptions. Unsuspecting developers who installed these packages unknowingly activated a stealthy infostealer malware designed to harvest sensitive […]
February 2, 2025

Casio UK online store hacked to steal customer credit cards

Casio Computer Co., Ltd., a globally recognized manufacturer of electronic products, confirmed that its UK online store was the target of a sophisticated cyberattack aimed at stealing customer payment information. The breach, which specifically affected the e-commerce segment of Casio’s UK operations, raised serious concerns about the security of online retail platforms and the safety of consumer financial data.According to […]
January 30, 2025

Russian ransomware hackers increasingly posing as tech support on Microsoft Teams

Cybersecurity authorities and major technology firms reported a significant surge in cyberattacks orchestrated by Russian-speaking ransomware groups exploiting Microsoft Teams to impersonate technical support staff. These threat actors have adopted increasingly sophisticated social engineering tactics, targeting employees of organizations through fake support messages delivered via Microsoft Teams, a platform widely used for internal business communication.According to intelligence shared by Microsoft […]
January 26, 2025

Hackers impersonate Ukraine’s CERT to trick people into allowing computer access

Concerning development in the cyber threat landscape, malicious actors have launched a sophisticated social engineering campaign by impersonating Ukraine’s Computer Emergency Response Team (CERT-UA). The attackers are leveraging the trusted reputation of CERT-UA to deceive victims into granting unauthorized access to their computer systems.According to cybersecurity analysts, this campaign began circulating in late December 2024 and gained significant traction in […]
January 14, 2025

Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces

On January 14, 2025, Fortinet publicly disclosed a critical zero-day vulnerability, CVE-2024-55591, affecting its FortiOS and FortiProxy products. This vulnerability allows unauthenticated remote attackers to gain super-admin access to affected systems by exploiting a flaw in the WebSocket interface of the web management portal. The issue is particularly dangerous for firewalls with exposed management interfaces accessible over the Internet.The vulnerability […]
November 20, 2024

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

Cybercriminals are taking advantage of poorly configured JupyterLab and Jupyter Notebooks to engage in stream ripping and facilitate sports piracy using live-streaming capture tools. The attackers gain initial access by hijacking unsecured Jupyter Notebooks and then execute a series of actions aimed at illegally streaming sports events. This hidden piracy operation was uncovered by the cloud security firm after one […]
October 10, 2024

Over 200 malicious apps on Google Play downloaded millions of times

Google Play, the official application marketplace for Android, facilitated the distribution of over 200 malicious applications within a one-year period, collectively accumulating nearly eight million downloads. This data was gathered between June 2023 and April 2024 by threat intelligence researchers at Zscaler, who identified and analyzed various malware families present on both Google Play and other distribution platforms. Earlier in […]
1234567891011121314151617181920212223242526272829303132
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.