Cybersecurity Help

12/08/2025

Fortinet addressed a zero-day vulnerability in FortiSIEM. Vulnerability does not require authentication and is being used in limited attacks.

Vulnerable software versions
FortiSIEM: 5.4.0 - 7.3.1

06/08/2024

https://www.cybersecurity-help.cz/blog/4190.html

A North Korea-linked threat actor known as Moonstone Sleet has been detected pushing malicious npm packages to the JavaScript package registry

Moonstone Sleet's attack chains typically involve distributing bogus ZIP archive files through LinkedIn or freelancing websites.

06/08/2024

https://www.cybersecurity-help.cz/blog/4189.html

Singapore authorities have recovered over $40 million defrauded in a business email compromise (BEC) scam

The SPF sought assistance from authorities in Timor Leste via Interpol’s I-GRIP stop-payment mechanism.

06/08/2024

https://www.cybersecurity-help.cz/blog/4188.html

South Korea's intelligence community has released joint cybersecurity advisory to warn about the increasing cyber threats posed by North Korean hacking groups

The attackers employed a combination of supply chain attacks and watering hole attacks.

05/08/2024

https://www.cybersecurity-help.cz/blog/4187.html

A recent investigation has uncovered that software essential to the operation of Britain's nuclear submarines was developed by engineers based in Russia and Belarus

The software, intended to be created by British IT staff with appropriate security clearances, was instead partially outsourced to developers in Russia and Belarus.

05/08/2024

https://www.cybersecurity-help.cz/blog/4186.html

A new cyber espionage campaign by the the China-linked state-sponsored threat actor tracked as APT41 has been observed targeting a Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike

APT41 developed a loader to inject a PoC for the CVE-2018-0824 directly into memory to achieve local privilege escalation.

05/08/2024

https://www.cybersecurity-help.cz/blog/4185.html

The US and German authorities have seized the domain of online crypto wallet Cryptonator, an unlicensed money service business (MSB) that processed over $235 million in funds obtained through cybercrime

Cryptonator was an unlicensed money service business (MSB) that processed over $235 million in illicit funds.

05/08/2024

https://www.cybersecurity-help.cz/blog/4184.html

The China-linked threat actor StormBamboo, compromised an internet service provider (ISP) to push malicious software updates to target enterprises

The attacker was was altering DNS query responses for specific domains associated with automatic software update mechanisms.

01/08/2024

https://www.cybersecurity-help.cz/blog/4182.html

In brief: ‘Sitting Ducks’ domain hijacking attack puts at risk over a million domains, the UK shuts down Russian Coms fraud platform, and more

In brief: ‘Sitting Ducks’ domain hijacking attack puts at risk over a million domains, the UK shuts down Russian Coms fraud platform, and more.

31/07/2024

https://www.cybersecurity-help.cz/blog/4181.html

A Chinese nation-state threat actor has been observed leveraging the LODEINFO and NOOPDOOR malware families to steal sensitive information from Japanese organizations

Cuckoo Spear remained undetected within victim networks for an extended period, often between two and three years.