Cyberveille

Two privilege escalation flaws affect 40% of Ubuntu workloads in OverlayFS https://www.scmagazine.com/news/two-privilege-escalation-flaws-affect-40-of-ubuntu-workloads-in-overlayfs

28/07/2023 23:28:50

Ubuntu patched the high-severity vulnerabilities on July 24 and recommends that users update their Ubuntu kernels.

Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws https://www.bleepingcomputer.com/news/security/almost-40-percent-of-ubuntu-users-vulnerable-to-new-privilege-elevation-flaws/

26/07/2023 23:40:45

Two Linux vulnerabilities introduced recently into the Ubuntu kernel create the potential for unprivileged local users to gain elevated privileges on a massive number of devices.

Zenbleed https://lock.cmpxchg8b.com/zenbleed.html

26/07/2023 23:10:50

It turns out that with precise scheduling, you can cause some processors to recover from a mispredicted vzeroupper incorrectly!

This technique is CVE-2023-20593 and it works on all Zen 2 class processors, which includes at least the following products

Cryptojacking: Understanding and defending against cloud compute resource abuse https://www.microsoft.com/en-us/security/blog/2023/07/25/cryptojacking-understanding-and-defending-against-cloud-compute-resource-abuse/

26/07/2023 13:19:50

Cloud cryptojacking, a type of cyberattack that uses computing power to mine cryptocurrency, could result in financial loss to targeted organizations due to the compute fees that can be incurred from the abuse.

Apple issues third mobile OS update after zero-click spyware campaign https://cyberscoop.com/apple-os-update-spyware/

26/07/2023 13:18:01

The patch is the latest to address issues associated with what cybersecurity firm Kaspersky called Operation Triangulation.

DDoS threat report for 2023 Q2 https://blog.cloudflare.com/ddos-threat-report-2023-q2/

21/07/2023 15:15:49

Q2 2023 saw an unprecedented escalation in DDoS attack sophistication. Pro-Russian hacktivists REvil, Killnet and Anonymous Sudan joined forces to attack Western sites. Mitel vulnerability exploits surged by a whopping 532%, and attacks on crypto rocketed up by 600%. Read the full story...

Apple slams UK surveillance-bill proposals https://www.bbc.com/news/technology-66256081

21/07/2023 14:45:56

The technology giant says it could remove services such as FaceTime from the UK over potential changes

Threat Actors Add .zip Domains to Their Phishing Arsenals https://www.fortinet.com/blog/industry-trends/threat-actors-add-zip-domains-to-phishing-arsenals

20/07/2023 23:11:25

In the evolving cybersecurity landscape, understanding the phishing threat has become more critical than ever. Read into a new threat resulting from the addition of a new Top-Level Domain (TLD), '.ZIP'.

JumpCloud says 'nation state' gang hit some customers https://www.theregister.com/2023/07/18/jumpcloud_commands_hacking/?s=09

20/07/2023 19:56:43

JumpCloud says a "sophisticated nation-state" attacker broke into its IT systems and targeted some of its customers.

The identity and access management provider, particularly popular with sysadmins wrangling Macs on corporate networks, said it first discovered signs of an intrusion on June 27. The biz at the time determined persons unknown got "unauthorized access to a specific area of our infrastructure" using a "sophisticated spear-phishing campaign" that began five days prior.

CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent

20/07/2023 11:18:06

The Qualys Threat Research Unit (TRU) has discovered a remote code execution vulnerability in OpenSSH's forwarded ssh-agent. This vulnerability allows a remote…

Typo leaks millions of US military emails to Mali web operator. https://archive.ph/ZbMW0

18/07/2023 21:37:51

Millions of US military emails have been misdirected to Mali through a “typo leak” that has exposed highly sensitive information, including diplomatic documents, tax returns, passwords and the travel details of top officers.

[Security Update] Incident Details https://jumpcloud.com/blog/security-update-incident-details

17/07/2023 06:44:29

As a result, today we are publishing details of activity by a sophisticated nation-state sponsored threat actor that gained unauthorized access to our systems to target a small and specific set of our customers. Prior to sharing this information, we notified and worked with the impacted customers. We have also been working with our incident response (IR) partners and law enforcement on both our investigation and steps designed to make our systems and our customers’ operations even more secure. The attack vector used by the threat actor has been mitigated.

WormGPT - The Generative AI Tool Cybercriminals Are Using to Launch BEC Attacks https://slashnext.com/blog/wormgpt-the-generative-ai-tool-cybercriminals-are-using-to-launch-business-email-compromise-attacks/

16/07/2023 11:57:45

In this blog post, we'll look at the use of generative AI, including OpenAI's ChatGPT, and the cybercrime tool WormGPT, in BEC attacks.

Microsoft takes pains to obscure role in 0-days that caused email breach https://arstechnica.com/security/2023/07/microsoft-takes-pains-to-obscure-role-in-0-days-that-caused-email-breach/

16/07/2023 01:43:21

Critics also decry Microsoft's "pay-to-play" monitoring that detected intrusions.

Inside the subsea cable firm secretly helping American take on China https://www.reuters.com/investigates/special-report/us-china-tech-subcom/

15/07/2023 14:22:51

SubCom is laying deepwater internet cables to boost U.S. economic and military might, including a secret mission to a remote island naval base, Reuters found.

WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks https://thehackernews.com/2023/07/wormgpt-new-ai-tool-allows.html

15/07/2023 14:11:42

A new generative AI cybercrime tool called WormGPT is making waves in underground forums. It empowers cybercriminals to automate phishing attacks.

WordPress plugin installed on 1 million+ sites logged plaintext passwords https://arstechnica.com/security/2023/07/wordpress-plugin-installed-on-1-million-sites-logged-plaintext-passwords

15/07/2023 14:00:20

AIOS bills itself as an "all-in-one" security solution. A just-fixed bug undermined that.

AVrecon malware infects 70,000 Linux routers to build botnet https://www.bleepingcomputer.com/news/security/avrecon-malware-infects-70-000-linux-routers-to-build-botnet/

15/07/2023 13:59:09

Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers and add them to a botnet designed to steal bandwidth and provide a hidden residential proxy service.

BlackLotus UEFI Bootkit Source Code Leaked on GitHub https://www.securityweek.com/blacklotus-uefi-bootkit-source-code-leaked-on-github/?utm_source=substack&utm_medium=email

15/07/2023 13:56:38

The source code for the BlackLotus UEFI bootkit has been shared publicly on GitHub, albeit with several modifications compared to the original malware.

Designed specifically for Windows, the bootkit emerged on hacker forums in October last year, being advertised with APT-level capabilities such as secure boot and user access control (UAC) bypass and the ability to disable security applications and defense mechanisms on victim systems.

Cybercriminalité : sept suspects identifiés pour du « phishing / hameçonnage » https://www.vd.ch/toutes-les-actualites/actualite/news/i-cybercriminalite-sept-suspects-identifies-pour-du-phishing-hameconnage

15/07/2023 13:38:32

Entre avril 2022 et juin 2023, une quarantaine de plaintes relatives à des cas de « phishing / hameçonnage », pour un montant de plus de 170'000…

Liens par page

Filtres