pavel-nosok
pavel-nosok
NOSOK.UA
286K posts
Web & Mobile Development
Don't wanna be here? Send us removal request.
pavel-nosok · 8 months ago
Text
Northrop aims to double GMLRS rocket-motor output
Multiyear effort will help Pentagon rebuild stockpiles.
0 notes
pavel-nosok · 8 months ago
Text
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant
The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023. The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper (aka SnipBot or RomCom 5.0), said Cisco Talos, which is monitoring the activity cluster under the moniker UAT-5647. “This
0 notes
pavel-nosok · 8 months ago
Text
The D Brief: B-2s bomb Houthis; A general’s China alarm; Army’s Ukraine trips; Raytheon fined nearly $1B; And a bit more.
0 notes
pavel-nosok · 8 months ago
Text
Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program
Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after successfully gaining access to the group’s affiliate panel on the dark web. Singapore-headquartered Group-IB said it contacted the threat actor behind the Cicada3301 persona on the RAMP cybercrime forum via the Tox messaging service after the latter put out an
0 notes
pavel-nosok · 8 months ago
Text
SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack
An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and Africa. The activity has been attributed to a group tracked as SideWinder, which is also known as APT-C-17, Baby Elephant, Hardcore Nationalist, Leafperforator, Rattlesnake, Razor Tiger, and T-APT-04. “
0 notes
pavel-nosok · 8 months ago
Text
5 Ways to Reduce SaaS Security Risks
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, 80% of breaches today use compromised
0 notes
pavel-nosok · 8 months ago
Text
U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks
Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft’s services in June 2023. The attacks, which were facilitated by Anonymous Sudan’s “powerful DDoS tool,” singled out critical infrastructure, corporate networks,
0 notes
pavel-nosok · 8 months ago
Text
VMware HCX Platform Vulnerable to SQL Injection Attacks
VMware released an advisory (VMSA-2024-0021) addressing a critical vulnerability in its HCX platform. The vulnerability, CVE-2024-38814, is an authenticated SQL injection flaw that poses a significant security risk. With a CVSSv3 base score of 8.8, this issue is classified as having “Important” severity. The vulnerability allows malicious authenticated users with non-administrator privileges to…
0 notes
pavel-nosok · 8 months ago
Text
Authorities Indicted Two Anonymous Sudan Hackers Over Cyberattacks
A federal grand jury has indicted two Sudanese nationals, Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27. The pair are accused of operating Anonymous Sudan, a notorious cybercriminal group responsible for tens of thousands of Distributed Denial of Service (DDoS) attacks targeting critical infrastructure and government agencies globally. Unveiling the Cybercriminal Network […] The…
0 notes
pavel-nosok · 8 months ago
Text
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk
A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability. “A security issue
0 notes
pavel-nosok · 8 months ago
Text
Organization Hacked Following Accidental Hiring of North Korean Remote IT Worker
A company has fallen victim to a cyberattack after unknowingly hiring a North Korean cybercriminal as a remote IT worker. The unidentified firm, based in the UK, US, or Australia, discovered the breach after the hacker downloaded sensitive data and issued a ransom demand. The incident highlights the growing threat of North Korean operatives infiltrating […] The post Organization Hacked Following…
0 notes
pavel-nosok · 8 months ago
Text
Regional war in Asia would be a 'global problem' for the US, Pacific Army chief warns
The Army’s transformation in the Pacific is the “game changer” against China, says Gen. Charles Flynn.
0 notes
pavel-nosok · 8 months ago
Text
Bell presses on with FLRAA as Army cools on large programs
Service officials are banking on the future rotorcraft for a new air assault concept.
0 notes
pavel-nosok · 8 months ago
Text
Europe-based units are learning from Ukraine, officers say
A small group of soldiers regularly travels to Kyiv to collect observations, said one general.
0 notes
pavel-nosok · 8 months ago
Text
RTX will pay almost $1B for defrauding DOD, alleged bribes to Qatari officials
That’s on top of the $200 million levied in August for illegal exports to China and elsewhere.
0 notes
pavel-nosok · 8 months ago
Text
CISA Releases ICS Advisories to Mitigate Cyber Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) released two critical Industrial Control Systems (ICS) advisories on October 15, 2024. These advisories provide essential information about current security issues, vulnerabilities, and potential exploits affecting ICS. The advisories focus on vulnerabilities in Siemens Siveillance Video Cameras and Schneider Electric Data Center Expert…
0 notes
pavel-nosok · 8 months ago
Text
Chrome Security Update, 17 Vulnerabilities Patched
Google has announced a significant security update for its Chrome browser, addressing 17 vulnerabilities in the latest build. The update, which affects the Stable and Extended Stable channels, will roll out over the coming days and weeks for Windows, Mac, and Linux users. Update Details The Stable channel has been updated to versions 130.0.6723.58/.59 for […] The post Chrome Security Update, 17…
0 notes