
Cyber incidents

Wave of hack attacks: over 640 compromised Citrix servers
The insidious technique of web shells: this is how hackers compromise Citrix servers
The article discusses the persistence of hacker attacks on Citrix servers, with over 640 servers compromised through the use of web shells. These attacks, predominantly in the Netherlands and Germany, highlight the importance of continually updating cyber defense strategies. Finally, it proposes preventive...

Facebook faces phishing attack: the critical role of the Salesforce flaw
Security countermeasure: how Facebook fought back a huge phishing attempt via Salesforce
Security researchers have identified a phishing attack on Facebook that exploited a flaw in the Salesforce platform. The attackers changed the email details to look legitimate and bypass Facebook's security filters. Facebook responded promptly, reporting the vulnerability to Salesforce and emphasizing the...

Malfunctions at Israel's largest refinery: grappling with potential cyberattacks
Cybersecurity and the oil industry: scenarios and reflections on the Bazan Group case
Israel's largest oil refinery, Bazan Group, has encountered problems with its computer system that have raised suspicions of a possible cyber-attack. The national security agency Shin Bet is investigating the case, despite Bazan Group's assurances that its operations have not been disrupted. The incident...

The Mirai botnet attack on Apache Tomcat servers
Unmasking the cyberattack chain: infiltration, execution, and countermeasures
The article discusses a cyberattack campaign targeting poorly protected Apache Tomcat servers, aiming to distribute Mirai botnet malware and cryptocurrency miners. The attack involves the use of a web shell script known as "neww", which gains unauthorized access to make changes on the server....

Zero-day bug: Ivanti's action in fixing MobileIron
Ivanti's readiness to respond to MobileIron vulnerability: the importance of security updates
MobileIron software, used by many large corporations and government organizations, recently fell victim to a hacker attack due to a "remote code execution" vulnerability. This vulnerability allowed hackers to execute malicious code remotely, compromising system security. Ivanti, the parent company of...

Norwegian government networks affected by DDoS attack: incident analysis
Norwegian cyber security under attack: the importance of defense against DDoS threats
The article discusses a recent DDoS attack on twelve Norwegian government sites that disrupted several key services. The Cyber Security Center of Norway has launched an investigation to identify the perpetrators. The incident underscores the importance of global cybersecurity measures.

Citrix in the crosshairs: IT security on alert for a zero-day attack
Critical infrastructure compromise: understanding and addressing the impact of zero-day vulnerability on Citrix
Network and cloud services provider Citrix has been hit by a very serious zero-day vulnerability. Tens of thousands of Citrix servers have been compromised, putting vast amounts of sensitive data and related infrastructure at risk. In response, emergency patches were released and the importance of risk management...

The security of the CoWin portal in the eye of the storm: investigations in progress
Implications for the vaccination program following the alleged data breach
The security incident on the CoWin portal, a key tool for India's vaccination programme, is under investigation. Although user data has been exposed, Minister of Information and Technology, Rajeev Chandrasekhar, assures that there is no evidence of data compromise. This matter is being handled by CERT-In,...

PokerStars security breach: data of over 110,000 users exposed
Details of the PokerStars hack and advice from IT security experts
Popular online poker site PokerStars fell victim to a massive hack that exposed the data of more than 110,000 users, including credentials such as usernames and passwords. IT security experts recommend changing passwords immediately and using two-factor authentication.

Operation intrusion: North Korea targets crypto firms
Revealed how North Korean attackers bypassed JumpCloud security
Cyberseason's report revealed a cyber attack on JumpCloud, a digital identity management platform, carried out by hackers linked to North Korea. They exploited the JumpCloud vulnerability to attack cryptocurrency companies, using phishing techniques and a piece of malware called "RokRat". JumpCloud responded...