Recherche : [EN] - Cyberveille

New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware https://thehackernews.com/2023/09/latest-apple-zero-days-used-to-hack.html

23/09/2023 10:30:59

The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023.

"The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the Citizen Lab said, attributing the attack with high confidence to the Egyptian government owing to it being a known customer of the commercial spying tool.

Apple emergency updates fix 3 new zero-days exploited in attacks https://www.bleepingcomputer.com/news/apple/apple-emergency-updates-fix-3-new-zero-days-exploited-in-attacks/

22/09/2023 00:05:09

Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days patched this year.

International Criminal Court hit with a cyber attack https://securityaffairs.com/151115/hacking/international-criminal-court-cyber-attack.html

21/09/2023 09:18:14

A cyberattack hit the International Criminal Court (ICC) disclosed a cyberattack this week, its systems were compromised last week.

US-Canada water commission confirms 'cybersecurity incident" https://www.theregister.com/2023/09/15/ijc_noescape_ransomware/

20/09/2023 16:42:07

NoEscape promises 'colossal wave of problems' if IJC doesn't pay up

The International Joint Commission, a body that manages water rights along the US-Canada border, has confirmed its IT security was targeted, after a ransomware gang claimed it stole 80GB of data from the organization.

[CVE-2023-42752] integer overflow in Linux kernel leading to exploitable memory access https://seclists.org/oss-sec/2023/q3/192

19/09/2023 21:02:46

I recently found an integer overflow in the Linux kernel, which leads
to the kernel allocating skb_shared_info in the userspace, which is
exploitable in systems without SMAP protection since skb_shared_info
contains references to function pointers.

Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT https://unit42.paloaltonetworks.com/fake-cve-2023-40477-poc-hides-venomrat/

19/09/2023 20:59:11

A phony proof-of-concept (PoC) code for CVE-2023-40477 delivered a payload of VenomRAT. We detail our findings, including an analysis of the malicious code.

38TB of data accidentally exposed by Microsoft AI researchers | Wiz Blog https://www.wiz.io/blog/38-terabytes-of-private-data-accidentally-exposed-by-microsoft-ai-researchers

19/09/2023 16:30:43

Wiz Research found a data exposure incident on Microsoft’s AI GitHub repository, including over 30,000 internal Microsoft Teams messages – all caused by one misconfigured SAS token

Leaked Microsoft documents hint at new Doom and Dishonored games https://www.engadget.com/leaked-microsoft-documents-hint-at-new-doom-and-dishonored-games-122130396.html

19/09/2023 16:07:13

Bethesda's roadmap for the fiscal years starting in 2020 and ending in 2024 has made its way online as part of the documents leaked from the FTC v. Microsoft case.

Microsoft AI Employee Accidentally Leaks 38TB of Data https://www.pcmag.com/news/microsoft-ai-employee-accidentally-leaks-38tb-of-data

18/09/2023 20:01:03

A software repository on GitHub dedicated to supplying open-source code and AI models for image recognition was left open to manipulation by bad actors thanks to an insecure URL.

New Python NodeStealer Goes Beyond Facebook Credentials, Now Stealing All Browser Cookies and Login Credentials https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

18/09/2023 11:48:47

Netskope Threat Labs is tracking a campaign that uses malicious Python scripts to steal Facebook users’ credentials and browser data. This campaign targets Facebook business accounts with bogus Facebook messages with a malicious file attached. The attacks are reaching victims mainly in Southern Europe and North America across different segments, led by the manufacturing services and technology sectors.

BlackCat ransomware hits Azure Storage with Sphynx encryptor https://www.bleepingcomputer.com/news/security/blackcat-ransomware-hits-azure-storage-with-sphynx-encryptor/

17/09/2023 15:32:31

The BlackCat (ALPHV) ransomware gang now uses stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt targets' Azure cloud storage.

Ransomware flingers hit Manchester cops in the supply chain • The Register https://www.theregister.com/2023/09/15/greater_manchester_police_breach_demonstrates/

17/09/2023 15:27:24

The UK's Greater Manchester Police (GMP) has admitted that crooks have got their mitts on some of its data after a third-party supplier responsible for ID badges was attacked.

According to the Manchester Evening News the stolen data included the names and pictures of police officers held by the supplier for use on thousands of ID badges.

TikTok fined €345M by Irish DPC for violating children’s privacy https://securityaffairs.com/150918/breaking-news/tiktok-fined-e345m-irish-dpc.html

17/09/2023 11:29:10

The Irish Data Protection Commission (DPC) fined TikTok €345 million ($368 million) for violating the privacy of children.

When MFA isn't actually MFA https://retool.com/blog/mfa-isnt-mfa/

16/09/2023 12:22:57

Due to a recent Google change, MFA isn't truly MFA.

How Google Authenticator made one company’s network breach much, much worse https://arstechnica.com/security/2023/09/how-google-authenticator-gave-attackers-one-companys-keys-to-the-kingdom

16/09/2023 12:21:15

Google's app for generating MFA codes syncs to user accounts by default. Who knew?

Can't Be Contained: Finding a Command Injection Vulnerability in Kubernetes https://www.akamai.com/blog/security-research/kubernetes-critical-vulnerability-command-injection

15/09/2023 16:34:42

Akamai researchers discover a critical vulnerability in Kubernetes that can lead to remote code execution.

Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability https://thehackernews.com/2023/09/update-adobe-acrobat-and-reader-to.html

14/09/2023 22:37:37

Adobe's September 2023 update addresses a new zero-day vulnerability (CVE-2023-26369) in Acrobat and Reader that attackers are exploiting in the wild.

macOS MetaStealer | New Family of Obfuscated Go Infostealers Spread in Targeted Attacks https://www.sentinelone.com/blog/macos-metastealer-new-family-of-obfuscated-go-infostealers-spread-in-targeted-attacks/

14/09/2023 14:48:30

The rise of macOS infostealers continues with the latest entrant aiming to compromise business environments with targeted social engineering lures.

CVE-2023-38146: Arbitrary Code Execution via Windows Themes https://exploits.forsale/themebleed/

14/09/2023 12:31:15

This is a fun bug I found while poking around at weird Windows file formats. It's a kind of classic Windows style vulnerability featuring broken signing, sketchy DLL loads, file races, cab files, and Mark-of-the-Web silliness. It was also my first experience submitting to the MSRC Windows bug bounty since leaving Microsoft in April of 2022.

Trojanized Free Download Manager found to contain a Linux backdoor https://securelist.com/backdoored-free-download-manager-linux-malware/110465/

14/09/2023 12:20:50

Kaspersky researchers analyzed a Linux backdoor disguised as Free Download Manager software that remained under the radar for at least three years.

Liens par page

Filtres