News

In this article we describe a basic deobfuscation technique by leveraging a code snippet substitution.

Another year of CERT Polska’s activities is behind us. An absolutely record-breaking year, if we take into account practically all the statistics cited in our previous reports. Behind these numbers is the daily work of experts who care for the safety of Poles online every day. This year’s report is about this work, the key challenges we face and the threats we analyse.

The problem of scammers exploiting social media platforms continues to persist. Meta has yet to fulfill all the recommendations made last year by experts from the CERT Polska team at NASK, which were intended to enhance the safety of Polish social media users.

The Dangerous websites Warning List will soon be five years old. Over this time it stopped millions of attempts to connect to malicious domains and has become our most effective tool in the fight against phishing websites.

The material on social media fraud is visible now in Meta's services, but CERT Polska's position remains unchanged. We need solutions that will increase the security of Polish users.

Fraudsters on social media lure users with fake ads promising easy money from celebrities or insider access to government investment programs. These advertisements lead to harmful websites designed to trick or exploit users.

CERT Polska has recently observed new samples of the “Joker” mobile malware. The applications are present in the Google Play Store and target Polish users, among others.

Protect organizations in your constituency from e-mail spoofing with our tool – mailgoose. In Poland it has already been used by over 25,000 users!

CERT Polska is observing a malicious e-mail campaign targeting Polish government institutions conducted by the APT28 group.

CERT Poland has received a report about three vulnerabilities (CVE-2023-4537, CVE-2023-4538, CVE-2023-4539) found in Comarch ERP XL software.