Recherche : [EN] - Cyberveille

DDoS threat report for 2023 Q2 https://blog.cloudflare.com/ddos-threat-report-2023-q2/

21/07/2023 15:15:49

Q2 2023 saw an unprecedented escalation in DDoS attack sophistication. Pro-Russian hacktivists REvil, Killnet and Anonymous Sudan joined forces to attack Western sites. Mitel vulnerability exploits surged by a whopping 532%, and attacks on crypto rocketed up by 600%. Read the full story...

Apple slams UK surveillance-bill proposals https://www.bbc.com/news/technology-66256081

21/07/2023 14:45:56

The technology giant says it could remove services such as FaceTime from the UK over potential changes

Threat Actors Add .zip Domains to Their Phishing Arsenals https://www.fortinet.com/blog/industry-trends/threat-actors-add-zip-domains-to-phishing-arsenals

20/07/2023 23:11:25

In the evolving cybersecurity landscape, understanding the phishing threat has become more critical than ever. Read into a new threat resulting from the addition of a new Top-Level Domain (TLD), '.ZIP'.

JumpCloud says 'nation state' gang hit some customers https://www.theregister.com/2023/07/18/jumpcloud_commands_hacking/?s=09

20/07/2023 19:56:43

JumpCloud says a "sophisticated nation-state" attacker broke into its IT systems and targeted some of its customers.

The identity and access management provider, particularly popular with sysadmins wrangling Macs on corporate networks, said it first discovered signs of an intrusion on June 27. The biz at the time determined persons unknown got "unauthorized access to a specific area of our infrastructure" using a "sophisticated spear-phishing campaign" that began five days prior.

CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent

20/07/2023 11:18:06

The Qualys Threat Research Unit (TRU) has discovered a remote code execution vulnerability in OpenSSH's forwarded ssh-agent. This vulnerability allows a remote…

Typo leaks millions of US military emails to Mali web operator. https://archive.ph/ZbMW0

18/07/2023 21:37:51

Millions of US military emails have been misdirected to Mali through a “typo leak” that has exposed highly sensitive information, including diplomatic documents, tax returns, passwords and the travel details of top officers.

[Security Update] Incident Details https://jumpcloud.com/blog/security-update-incident-details

17/07/2023 06:44:29

As a result, today we are publishing details of activity by a sophisticated nation-state sponsored threat actor that gained unauthorized access to our systems to target a small and specific set of our customers. Prior to sharing this information, we notified and worked with the impacted customers. We have also been working with our incident response (IR) partners and law enforcement on both our investigation and steps designed to make our systems and our customers’ operations even more secure. The attack vector used by the threat actor has been mitigated.

WormGPT - The Generative AI Tool Cybercriminals Are Using to Launch BEC Attacks https://slashnext.com/blog/wormgpt-the-generative-ai-tool-cybercriminals-are-using-to-launch-business-email-compromise-attacks/

16/07/2023 11:57:45

In this blog post, we'll look at the use of generative AI, including OpenAI's ChatGPT, and the cybercrime tool WormGPT, in BEC attacks.

Microsoft takes pains to obscure role in 0-days that caused email breach https://arstechnica.com/security/2023/07/microsoft-takes-pains-to-obscure-role-in-0-days-that-caused-email-breach/

16/07/2023 01:43:21

Critics also decry Microsoft's "pay-to-play" monitoring that detected intrusions.

Inside the subsea cable firm secretly helping American take on China https://www.reuters.com/investigates/special-report/us-china-tech-subcom/

15/07/2023 14:22:51

SubCom is laying deepwater internet cables to boost U.S. economic and military might, including a secret mission to a remote island naval base, Reuters found.

WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks https://thehackernews.com/2023/07/wormgpt-new-ai-tool-allows.html

15/07/2023 14:11:42

A new generative AI cybercrime tool called WormGPT is making waves in underground forums. It empowers cybercriminals to automate phishing attacks.

WordPress plugin installed on 1 million+ sites logged plaintext passwords https://arstechnica.com/security/2023/07/wordpress-plugin-installed-on-1-million-sites-logged-plaintext-passwords

15/07/2023 14:00:20

AIOS bills itself as an "all-in-one" security solution. A just-fixed bug undermined that.

AVrecon malware infects 70,000 Linux routers to build botnet https://www.bleepingcomputer.com/news/security/avrecon-malware-infects-70-000-linux-routers-to-build-botnet/

15/07/2023 13:59:09

Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers and add them to a botnet designed to steal bandwidth and provide a hidden residential proxy service.

BlackLotus UEFI Bootkit Source Code Leaked on GitHub https://www.securityweek.com/blacklotus-uefi-bootkit-source-code-leaked-on-github/?utm_source=substack&utm_medium=email

15/07/2023 13:56:38

The source code for the BlackLotus UEFI bootkit has been shared publicly on GitHub, albeit with several modifications compared to the original malware.

Designed specifically for Windows, the bootkit emerged on hacker forums in October last year, being advertised with APT-level capabilities such as secure boot and user access control (UAC) bypass and the ability to disable security applications and defense mechanisms on victim systems.

Microsoft changes signing key system breached by Chinese hackers to steal US gov’t data https://therecord.media/microsoft-changes-signing-key-system

14/07/2023 23:22:26

Microsoft has announced changes to a system that was exploited by Chinese hackers over the last month that allowed them to access email accounts and spy on the inner workings of two dozen organizations, including government agencies, a lawmaker’s staff and even Commerce Secretary Gina Raimondo.

ShadowVault is the latest Mac data-stealer malware, reportedly https://www.intego.com/mac-security-blog/shadowvault-is-the-latest-mac-data-stealer-malware-reportedly/

14/07/2023 23:03:01

ShadowVault data stealer Mac malware made headlines in the Apple press this week. Here is what we know about it so far.

Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation https://blog.talosintelligence.com/weaknesses-mac-os-vmware-msrpc/

14/07/2023 09:47:57

Cisco Talos discovered 12 memory corruption vulnerabilities in MSRPC implementations on Apple macOS and VMWare vCenter.
- Seven vulnerabilities affect Apple macOS only.
- Two vulnerabilities affect VMWare vCenter.
- Three vulnerabilities affect both.

Chinese hackers breached US government email accounts, Microsoft and White House say | CNN Politics https://edition.cnn.com/2023/07/12/politics/china-based-hackers-us-government-email-intl-hnk/index.html

13/07/2023 08:54:31

China-based hackers have breached email accounts at two-dozen organizations, including some United States government agencies, in an apparent spying campaign aimed at acquiring sensitive information, according to statements from Microsoft and the White House late Tuesday.

Chinese hackers breached U.S. and European government email through Microsoft bug https://therecord.media/chinese-hackers-breached-us-and-european-governments

13/07/2023 00:28:56

A Chinese hacking group exploited a bug in Microsoft’s cloud email service to spy on two-dozen organizations, including some government agencies, the tech giant said late Tuesday.

Loader activity for Formbook "QM18" https://isc.sans.edu/diary/rss/30020

13/07/2023 00:17:50

Loader activity for Formbook "QM18", Author: Brad Duncan

Liens par page

Filtres