Cyberveille, curated by Decio
4261 results tagged E*N
Public SSH keys can leak your private infrastructure https://rushter.com/blog/public-ssh-keys/
30/01/2024 18:17:40

This article describes a minor security flaw in the SSH authentication protocol that can lead to unexpected private infrastructure disclosure. It also provides a PoC written in Python.

rushter EN 2019 SSH keys github leak
Exclusive: US disabled Chinese hacking network targeting critical infrastructure https://www.reuters.com/world/us/us-disabled-chinese-hacking-network-targeting-critical-infrastructure-sources-2024-01-29/
30/01/2024 14:16:43

The U.S. government in recent months launched an operation to fight a pervasive Chinese hacking operation that successfully compromised thousands of internet-connected devices, according to two Western security officials and one person familiar with the matter.
The Justice Department and Federal Bureau of Investigation sought and received legal authorization to remotely disable aspects of the Chinese hacking campaign, the sources told Reuters.

reuters EN 2024 US China VoltTyphoon remotely disable
New Go-based Malware Loader Discovered | Arctic Wolf https://arcticwolf.com/resources/blog/cherryloader-a-new-go-based-loader-discovered-in-recent-intrusions/
29/01/2024 18:47:54

Arctic Wolf Labs has discovered, based on recent intrusion observations, a new Go-based malware loader named CherryLoader

arcticwolf EN 2024 Go-based Malware Loader analysis CherryLoader
Jenkins Security Advisory 2024-01-24 https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314
29/01/2024 15:10:01

Arbitrary file read vulnerability through the CLI can lead to RCE

jenkins EN 2024 CVE-2024-23897 advisory
How a mistakenly published password exposed Mercedes-Benz source code https://techcrunch.com/2024/01/26/mercedez-benz-token-exposed-source-code-github/?guccounter=1
29/01/2024 07:12:21

Mercedes accidentally exposed a trove of sensitive data after a leaked security key gave “unrestricted access” to company’s source code.

techcrunch EN 2024 Mercedes exposed password Mercedes-Benz Source-Code GitHub
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours https://thedfirreport.com/2024/01/29/buzzing-on-christmas-eve-trigona-ransomware-in-3-hours/
29/01/2024 06:38:34
thedfirreport EN 2024 DFIR Trigona Ransomware
Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub https://thehackernews.com/2024/01/malicious-npm-packages-exfiltrate-1600.html
28/01/2024 16:53:25

Did you download Warbeast2000 or Kodiak2k from npm? If so, your SSH keys might be compromised! These packages steal keys & upload them to GitHub.

thehackernews EN 2024 NPM Packages Malicious SSH Keys warbeast2000 kodiak2k
Trello API abused to link email addresses to 15 million accounts https://www.bleepingcomputer.com/news/security/trello-api-abused-to-link-email-addresses-to-15-million-accounts/
28/01/2024 16:51:20

An exposed Trello API allows linking private email addresses with Trello accounts, enabling the creation of millions of data profiles containing both public and private information.

bleepingcomputer EN 2024 API Atlassian Data-Leak Email-Address Project-Management Trello
NSA is buying Americans’ internet browsing records without a warrant https://techcrunch.com/2024/01/26/national-security-agency-americans-internet-browsing-records-warrantless/
27/01/2024 11:21:28

Spy agency argues the practice is entirely legal — until a US court says otherwise

techcrunch EN 2024 internet browsing records data-brokers NSA US Spy legal
Researchers Say the Deepfake Biden Robocall Was Likely Made With Tools From AI Startup ElevenLabs https://www.wired.com/story/biden-robocall-deepfake-elevenlabs/
27/01/2024 11:12:05

Two fake-audio experts say that the deepfake robocall of President Biden received by some voters last week was likely created with technology from Silicon Valley’s favorite voice-cloning startup.

wired EN 2024 Biden robocall elevenlabs deepfake AI President
Ransomware Cases Increased Greatly in 2023 https://www.sans.org/blog/ransomware-cases-increased-greatly-in-2023/
26/01/2024 17:44:22

As we move further into 2024, we must be cautious (maybe even fearful!) of ransomware cases increasing even more than in previous years. Though governments around the world are taking more interest in the worldwide threat, we can see from the increase of cases that our actions have not been enough to thwart the ransomware threat. As new groups continue to form, former groups continue to evolve into new brands, and the big players continue to ramp up their efforts, we must remain vigilant and focus on our preparation and early detection capabilities.

sans 2024 EN ransomware 2023 Stats
Russian developer of Trickbot malware sentenced to five years in prison https://therecord.media/trickbot-developer-sentenced-to-prison
26/01/2024 14:20:44

A Russian developer of Trickbot malware has been sentenced to five years and four months in prison, the U.S. Department of Justice said on Thursday.

therecord Trickbot developer sentenced 2024 EN
Midnight Blizzard: Guidance for responders on nation-state attack https://www.microsoft.com/en-us/security/blog/2024/01/25/midnight-blizzard-guidance-for-responders-on-nation-state-attack/
26/01/2024 14:03:29

The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM.

microsoft 2024 EN Midnight MidnightBlizzard guide attack TTP
23andMe data breach: Hackers stole raw genotype data, health reports https://www.bleepingcomputer.com/news/security/23andme-data-breach-hackers-stole-raw-genotype-data-health-reports/
26/01/2024 12:08:23

Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27.

bleepingcomputer EN 2024 Stuffing Credential InfoSec Data Genetics Leak DNA Breach Security Computer 23andMe Health
Inside a Global Phone Spy Tool Monitoring Billions https://www.404media.co/inside-global-phone-spy-tool-patternz-nuviad-real-time-bidding/
26/01/2024 09:58:43

A wide-spanning investigation by 404 Media reveals more details about a secretive spy tool that can track billions of phone profiles through the advertising industry called Patternz. Google has taken action in response to 404 Media's inquiries.

404media EN 2024 Spyware Patternz
X is being flooded with graphic Taylor Swift AI images https://www.theverge.com/2024/1/25/24050334/x-twitter-taylor-swift-ai-fake-images-trending
26/01/2024 09:58:13

Fake sexually explicit images of Taylor Swift have been circulating on X over the last day in the latest example of the proliferation of AI-generated pornography.

theverge EN 2024 Taylor-Swift X fake deepfake pornography
HPE reveals Russian attackers accessed internal emails https://www.theregister.com/2024/01/25/hpe_russia_email_attack/
25/01/2024 10:06:48

Moscow-backed Cozy Bear may have had access to the green rectangular email cloud for six months

theregister EN 2024 HPE Russia CozyBear internal emails Data-Breach
Over 5,300 GitLab servers exposed to zero-click account takeover attacks https://www.bleepingcomputer.com/news/security/over-5-300-gitlab-servers-exposed-to-zero-click-account-takeover-attacks/
24/01/2024 21:55:12

Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month.

bleepingcomputer EN 2024 Account-Takeover Alert Exposed GitLab Password-Reset Security Vulnerability
AI will make scam emails look genuine, UK cybersecurity agency warns https://www.theguardian.com/technology/2024/jan/24/ai-scam-emails-uk-cybersecurity-agency-phishing
24/01/2024 21:36:36

NCSC says generative AI tools will soon allow amateur cybercriminals to launch sophisticated phishing attacks

theguardian EN 2023 AI scam phishing email gebuine cybercriminals warning UK NCSC
SEC says X account hack was due to SIM swapping https://therecord.media/sec-x-account-takeover-sim-swapping
24/01/2024 08:28:40

An “unauthorized party” hijacked the cell phone number of the person running the SEC’s X account before taking over the social media feed and posting messages.

In a statement on Monday, an SEC spokesperson explained that two days after the January 9 account takeover, the government agency spoke to its telecom carrier and discovered that someone “obtained control of the SEC cell phone number associated with the account in an apparent ‘SIM swap’ attack.”

therecord EN 2023 SEC X Twitter SIM-swapping hijacked