Recherche : [EN] - Cyberveille

Apple neglects to patch multiple critical vulnerabilities in macOS https://www.intego.com/mac-security-blog/apple-neglects-to-patch-multiple-critical-vulnerabilities-in-macos/

11/11/2023 10:46:44

Apple is neglecting to patch high-severity vulnerabilities in open-source components of macOS Sonoma, including curl and LibreSSL.

CVE-2023-38548 https://attackerkb.com/topics/UPt5tpYK2Y/cve-2023-38548/rapid7-analysis?

10/11/2023 21:28:37

On November 6, 2023, Veeam published an advisory for several vulnerabilities affecting Veeam ONE, an IT monitoring and analytics platform for enterprises. One …

Detecting “Effluence”, an Unauthenticated Confluence Web Shell https://www.aon.com/cyber-solutions/aon_cyber_labs/detecting-effluence-an-unauthenticated-confluence-web-shell/

10/11/2023 11:09:13

Discovering Effluence, a unique web shell accessible on every page of an infected Confluence

ICBC hit by ransomware impacting global trades https://www.theregister.com/2023/11/10/icbc_ransomware/

10/11/2023 11:06:21

China's largest bank, ICBC, was hit by ransomware that resulted in disruption of financial services (FS) systems on Thursday Beijing time, according to a notice on its website

Dozens of npm Packages Caught Attempting to Deploy Reverse Shell https://blog.phylum.io/dozens-of-npm-packages-caught-attempting-to-deploy-reverse-shell/

10/11/2023 10:17:03

On October 27, Phylum’s automated risk detection platform began alerting us to a series of suspicious publications on npm. Over the course of the following few days, we discovered a campaign involving at least 48 different publications. These packages, deceptively named to appear legitimate, contained obfuscated JavaScript designed to

Nude “before and after” photos stolen from plastic surgeon, posted online, and sent to victims' family and friends https://www.malwarebytes.com/blog/news/2023/11/nude-before-and-after-photos-stolen-from-plastic-surgeon-posted-online-and-sent-to-victims-family-and-friends

10/11/2023 09:49:44

The FBI is investigating a data breach where cybercriminals were able to steal patients’ records from a Las Vegas plastic surgeon's office and then publish them online.

Ransomware attack on ICBC disrupts trades in US Treasury market https://www.ft.com/content/8dd2446b-c8da-4854-9edc-bf841069ccb8?accessToken=zwAGCb1j-RSokdON0kRryNpIVNOe3L-EEGnMuA.MEUCIQDRLc_UDifKPtwbqTFMqwX3Hb6z9tVLueq3FhgXVYoC3gIgZrv-O6AB2phgMz7z7ZLY5C8d1jo-BxUGxfgjjBo9aY0&sharetype=gift&token=f2f2d668-ad13-4f9a-804c-6421469be91e

10/11/2023 09:47:58

Chinese bank says it has contained a hack that affected some fixed income and equities transactions

Cloudflare website downed by DDoS attack claimed by Anonymous Sudan https://www.bleepingcomputer.com/news/technology/cloudflare-website-downed-by-ddos-attack-claimed-by-anonymous-sudan/

10/11/2023 09:30:19

Cloudflare is investigating an ongoing outage causing 'We're sorry

Microsoft Temporarily Blocked Internal Access to ChatGPT, Citing Data Concerns https://www.wsj.com/tech/microsoft-temporarily-blocked-internal-access-to-chatgpt-citing-data-concerns-c1ca475d

10/11/2023 09:28:23

The company later restored access to the chatbot, which is owned by OpenAI.

SysAid On-Prem Software CVE-2023-47246 Vulnerability Disclosure https://profero.io/posts/sysaidonpremvulnerability/

10/11/2023 08:45:17

On Nov 2nd, our security team received reports regarding a potential vulnerability in our on-premise software which was being actively exploited. We immediately initiated our incident response protocol and began proactively communicating with our on-premise customers to ensure they could implement a mitigation solution we had identified. We engaged Profero, a cyber security incident response company, to assist us in our investigation. The investigation determined that there was a zero-day vulnerability in the SysAid on-premises software. We urge all customers with SysAid on-prem server installations to ensure that your SysAid systems are updated to version 23.3.36, which remediates the identified vulnerability, and conduct a comprehensive compromise assessment of your network to look for any indicators further discussed below. Should you identify any indicators, take immediate action and follow your incident response protocols.

Atlassian confirms ransomware is exploiting latest Confluence bug https://therecord.media/atlassian-confirms-ransomware-using-confluence-bug-cerber

09/11/2023 18:39:27

An Atlassian spokesperson said the company had evidence to support what cybersecurity researchers reported over the weekend: A vulnerability affecting the Confluence Data Center and Confluence Server products was being used in cybercrime.

Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology

09/11/2023 18:36:15

This ICS/OT attack represents the latest evolution in Russia's cyber physical attack capability.

Malvertiser copies PC news site to deliver infostealer https://www.malwarebytes.com/blog/threat-intelligence/2023/11/malvertiser-copies-pc-news-site-to-deliver-infostealer

09/11/2023 18:35:14

Users looking to download a popular PC utility may be tricked in this campaign where a threat actor has registered a website that copies content from a PC and Windows news portal.

Android Kitchen Sink: Send BLE spam to iOS, Android and Windows at once using Android app - Mobile Hacker https://www.mobile-hacker.com/2023/11/08/android-kitchen-sink-send-ble-spam-to-ios-android-and-windows-at-once-using-android-app/

09/11/2023 14:52:30

The Kitchen Sink is a name of Bluetooth Low Energy (BLE) attack that sends random advertisement packets that targets iOS, Android, and Windows devices the same time in the vicinity. The attack is called “Kitchen Sink” because it tries to send every possible packet in the list, similar to the phrase “everything but the kitchen

SysAid Zero-Day Vulnerability Exploited by Ransomware Group https://www.securityweek.com/sysaid-zero-day-vulnerability-exploited-by-ransomware-group/

09/11/2023 10:56:04

CVE-2023-47246, a zero-day vulnerability in SysAid IT service management software has been exploited by Cl0p ransomware affiliates.

SysAid On-Prem Software CVE-2023-47246 Vulnerability https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification

09/11/2023 06:44:07

On Nov 2nd, a potential vulnerability in our on-premise software came to our security team’s attention. We immediately initiated our incident response protocol and began proactively communicating with our on-premise customers to ensure they could implement a mitigation solution we had identified. We engaged Profero, a cyber security incident response company, to assist us in our investigation. The investigation determined that there was a zero-day vulnerability in the SysAid on-premises software.

Microsoft offers politicians protection against deepfakes https://www.theverge.com/2023/11/8/23951955/microsoft-elections-generative-ai-content-watermarks

08/11/2023 19:07:07

Microsoft will launch digital watermarking tools to combat deep fakes and offer services to political campaigns for cybersecurity and using AI.

Predator AI | ChatGPT-Powered Infostealer Takes Aim at Cloud Platforms https://www.sentinelone.com/labs/predator-ai-chatgpt-powered-infostealer-takes-aim-at-cloud-platforms/

08/11/2023 19:02:52

An emerging infostealer being sold on Telegram looks to harness generative AI to streamline cyber attacks on cloud services.

Python obfuscation traps https://checkmarx.com/blog/python-obfuscation-traps/

08/11/2023 18:39:45

In the realm of software development, open-source tools and packages play a pivotal role in simplifying tasks and accelerating development processes. Yet, as the community grows, so does the number of bad actors looking to exploit it. A recent example involves developers being targeted by seemingly legitimate Python obfuscation packages that harbor malicious code.

Common Vulnerability Scoring System https://www.first.org/cvss/v4-0/

08/11/2023 12:17:41

CVSS version 4.0 is the next generation of the Common Vulnerability Scoring System standard.

Liens par page

Filtres