Recherche : [E*N] - Cyberveille

Binarly REsearch Uncovers Major Vulnerabilities in Supermicro BMCs https://binarly.io/posts/Binarly_REsearch_Uncovers_Major_Vulnerabilities_in_Supermicro_BMCs/index.html

05/10/2023 12:46:23

Behind the screens: An overview of hidden attack surfaces in powerful BMC chip infrastructure.

The evolutionary tale of a persistent Python threat https://checkmarx.com/blog/the-evolutionary-tale-of-a-persistent-python-threat/

05/10/2023 12:41:52

Since early April 2023, an attacker has been relentlessly deploying hundreds of malicious packages through various usernames, accumulating nearly 75,000 downloads. Our team at Checkmarx’s Supply Chain Security has been on this malicious actor’s trail since early April, documenting each step of its evolution. We have been actively observing an attacker who seems to be evermore refining their craft.

Ransomware Negotiation: Dos and Don’ts! https://www.neteye-blog.com/2023/09/ransomware-negotiation-dos-and-donts/

05/10/2023 12:07:19

Double extortion ransomware attacks have reached very high numerical values. One of the key elements, when suffering such an attack, concerns the negotiation that can be initiated (not always!) with the ransomware gang. The analysis, carried out by the SEC4U team, of hundreds of negotiations makes it possible to apply a scientific approach to this

CVE: Zero-Day Privilege Escalation in Confluence Server & Data Center https://www.rapid7.com/blog/post/2023/10/04/etr-cve-2023-22515-zero-day-privilege-escalation-in-confluence-server-and-data-center/

04/10/2023 22:04:13

On 10/4/2023, Atlassian published a security advisory on CVE-2023-22515, a privilege escalation vulnerability affecting Confluence Server & Data Center.

Sony confirms data breach impacting thousands in the U.S. https://www.bleepingcomputer.com/news/security/sony-confirms-data-breach-impacting-thousands-in-the-us/#google_vignette

04/10/2023 16:50:10

Sony Interactive Entertainment (Sony) has notified current and former employees and their family members about a cybersecurity breach that exposed personal information.

CVE-2023-4911: Looney Tunables - Local Privilege Escalation in the glibc’s ld.so https://blog.qualys.com/vulnerabilities-threat-research/2023/10/03/cve-2023-4911-looney-tunables-local-privilege-escalation-in-the-glibcs-ld-so#potential-impact-of-looney-tunables

04/10/2023 09:33:44

The Qualys Threat Research Unit (TRU) has discovered a buffer overflow vulnerability in GNU C Library's dynamic loader's processing of the GLIBC_TUNABLES…

Vulnerable Arm GPU drivers under active exploitation. Patches may not be available | Ars Technica https://arstechnica.com/security/2023/10/vulnerable-arm-gpu-drivers-under-active-exploitation-patches-may-not-be-available/?

03/10/2023 21:39:01

Vulnerability allows attackers to tamper with data stored in device memory.

Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers https://www.bleepingcomputer.com/news/security/qualcomm-says-hackers-exploit-3-zero-days-in-its-gpu-dsp-drivers/

03/10/2023 17:31:45

Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks.

Microsoft Defender Flags Tor Browser as a Trojan and Removes it from the System https://deform.co/microsoft-defender-flags-tor-browser-as-a-trojan-and-removes-it-from-the-system/

02/10/2023 21:00:20

Windows users have recently begun mass-reporting that Microsoft's Defender antivirus program, which is integrated into Windows 10 and 11 by default, is

Critical vulnerabilities in Exim threaten over 250k email servers worldwide | Ars Technica https://arstechnica.com/security/2023/09/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide/

02/10/2023 18:47:43

Remote code execution requiring no authentication fixed. 2 other RCEs remain unpatched.

Routers have been rooted by Chinese spies US and Japan warn https://www.theregister.com/2023/09/27/us_japan_routers/

30/09/2023 00:51:22

BlackTech crew looking to steal sensitive data traffic

NSA chief announces new AI Security Center, 'focal point' for AI use by government, defense industry https://breakingdefense.com/2023/09/nsa-stands-up-ai-security-center-as-focal-point-for-guiding-ai-use-by-government-defense-industry/

30/09/2023 00:15:23

"We must build a robust understanding of AI vulnerabilities, foreign intelligence threats to these AI systems and ways to counter the threat in order to have AI security," Gen. Paul Nakasone said. "We must also ensure that malicious foreign actors can't steal America’s innovative AI capabilities to do so.”

Vulnerability in popular ‘libwebp’ code more widespread than expected https://therecord.media/libwebp-vulnerability-more-widespread-than-expected

28/09/2023 21:11:47

Initial alerts about a bug in the obscure but widely used libwebp library have expanded into concerns that it affects not only web browsers like Chrome, but also many other common pieces of software.

CVE-2023-42793 https://attackerkb.com/topics/1XEEEkGHzt/cve-2023-42793/rapid7-analysis

27/09/2023 19:28:40

CVE-2023-42793 is a critical authentication bypass published on September 19, 2023 that affects on-premises instances of JetBrains TeamCity, a CI/CD server. Th…

New GPU Side-Channel Attack Allows Malicious Websites to Steal Data https://www.securityweek.com/new-gpu-side-channel-attack-allows-malicious-websites-to-steal-data/

27/09/2023 19:25:15

GPUs from AMD, Apple, Arm, Intel, Nvidia and Qualcomm are vulnerable to a new type of side-channel attack named GPU.zip.

GPU.zip https://www.hertzbleed.com/gpu.zip/

27/09/2023 19:23:47

On the Side-Channel Implications of Hardware-Based Graphical Data Compression

Sony Investigating After Hackers Offer to Sell Stolen Data https://www.securityweek.com/sony-investigating-after-hackers-offer-to-sell-stolen-data/

27/09/2023 19:21:17

Sony has launched an investigation after a ransomware group claimed to have compromised all systems and offered to sell stolen data.

Decade of newborn child registry data stolen in MOVEit mass-hack https://techcrunch.com/2023/09/25/decade-of-newborn-child-registry-data-stolen-in-moveit-mass-hack/

26/09/2023 15:09:08

The breach affecting more than 3.4 million people — including newborns and children — is one of the biggest MOVEit-related hacks of the year.

Deux jeunes hackers jugés pour une campagne de mails « cryptoporno » en 2019 https://www.estrepublicain.fr/faits-divers-justice/2023/09/25/deux-jeunes-hackers-juges-pour-une-campagne-de-mails-cryptoporno-en-2019

25/09/2023 16:03:59

Les hackers sont soupçonnés d'avoir activé les caméras de milliers d'ordinateurs à distance grâce à un virus en 2019 et d'avoir menacé les internautes de diffuser des vidéos intimes d'eux s'ils ne payaient pas de rançon.

From ScreenConnect to Hive Ransomware in 61 hours https://thedfirreport.com/2023/09/25/from-screenconnect-to-hive-ransomware-in-61-hours/

25/09/2023 08:51:07

In 2022, The DFIR Report observed an increase in the adversarial usage of Remote Management and Monitoring (RMM) tools. When compared to post-exploitation channels that heavily rely on terminals, such … Read More

Liens par page

Filtres