Recherche : [2024] - Cyberveille

After breach of billions of records, National Public Data files for bankruptcy | Cybernews https://cybernews.com/news/national-public-data-breach-social-security-bankruptcy/

12/10/2024 15:15:44

National Public Data, a company responsible for a massive leak of Social Security numbers in the summer, has filed for bankruptcy. That's unsurprising.

U.S., Microsoft seize over 100 websites allegedly used by Russian spies https://www.nbcnews.com/tech/security/us-microsoft-seize-100-websites-allegedly-used-russian-spies-rcna173784

10/10/2024 22:27:09

The FBI and Microsoft have seized more than 100 web domains they say Russian intelligence used for cyber-espionage, according to court documents unsealed Thursday.

Internet Archive hacked, data breach impacts 31 million users https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-breach-impacts-31-million-users/

10/10/2024 07:55:47

Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records.

News of the breach began circulating Wednesday afternoon after visitors to archive.org began seeing a JavaScript alert created by the hacker, stating that the Internet Archive was breached.

The PrintNightmare is not Over Yet https://itm4n.github.io/printnightmare-not-over/

09/10/2024 20:12:44

Following the publication of my blog post A Practical Guide to PrintNightmare in 2024, a few people brought to my attention that there was a way to bypass the Point and Print (PnP) restrictions recommended at the end. So, rather than just updating this article with a quick note, I decided to dig a little deeper, and see if I could find a better way to protect against the exploitation of PnP configurations.

CVE-2024-31227: Finding a DoS Vulnerability in Redis https://docs.axelmierczuk.io/posts/cve-2024-31227

09/10/2024 20:11:10

A case study on advanced fuzzing techniques for network services.

File hosting services misused for identity phishing https://www.microsoft.com/en-us/security/blog/2024/10/08/file-hosting-services-misused-for-identity-phishing/

09/10/2024 20:10:02

Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.

AI girlfriend site breached, user fantasies stolen https://www.malwarebytes.com/blog/news/2024/10/ai-girlfriend-site-breached-user-fantasies-stolen

09/10/2024 19:59:55

Chatbot companion platform muah.ai was hacked and had its chatbot prompts stolen.

Hackers targeted Android users by exploiting zero-day bug in Qualcomm chips https://techcrunch.com/2024/10/09/hackers-were-targeting-android-users-with-qualcomm-zero-day/

09/10/2024 18:18:48

EXC: Security researchers at Google and Amnesty International discovered hackers exploiting the bug in an active hacking campaign.

From Perfctl to InfoStealer https://isc.sans.edu/diary/From%20Perfctl%20to%20InfoStealer/31334

09/10/2024 16:09:09

From Perfctl to InfoStealer, Author: Xavier Mertens

Zero Day Initiative — The October 2024 Security Update Review https://www.zerodayinitiative.com/blog/2024/10/8/the-october-2024-security-update-review

09/10/2024 14:23:32

It’s the spooky season, and there’s nothing spookier than security patches – at least in my world. Microsoft and Adobe have released their latest patches, and no bones about it, there are some skeletons in those closets. Take a break from your regular activities and join us as we review the details

Ivanti warns of three more CSA zero-days exploited in attacks https://www.bleepingcomputer.com/news/security/ivanti-warns-of-three-more-csa-zero-days-exploited-in-attacks/

08/10/2024 18:24:32

American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks.

Ukraine Claims Cyberattack Blocked Russian State TV Online on Putin’s Birthday https://www.bloomberg.com/news/articles/2024-10-07/ukraine-claims-cyberattack-blocked-russian-state-tv-online-on-putin-s-birthday?embedded-checkout=true

08/10/2024 06:49:27

Ukrainian hackers carried out a cyberattack that took down online broadcasts of Russian state television and radio channels on Monday, according to an official in Kyiv with knowledge of the operation.
#A #Dmitry #Emerging #Europe #Infrastructure #Markets #Media #Peskov #Putin #Radio #Russia #Ukraine #Vladimir #business #cybersecni #cybersecurity #politics #technology

The 30-year-old internet backdoor law that came back to bite https://techcrunch.com/2024/10/07/the-30-year-old-internet-backdoor-law-that-came-back-to-bite/

08/10/2024 06:49:03

China reportedly hacked the wiretap systems required by U.S. internet providers under a 1994 U.S. wiretapping law.

Mamba 2FA: A new contender in the AiTM phishing ecosystem - Sekoia.io Blog https://blog.sekoia.io/mamba-2fa-a-new-contender-in-the-aitm-phishing-ecosystem/

07/10/2024 16:38:39

Discover Mamba 2FA, a previously unknown adversary-in-the-middle (AiTM) phishing kit and sold as phishing-as-a-service (PhaaS).

New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries https://thehackernews.com/2024/10/new-gorilla-botnet-launches-over-300000.html

07/10/2024 12:52:27

New Gorilla botnet launches over 300,000 DDoS attacks globally, exploiting IoT devices and Apache Hadoop flaws.

Cyber Cops Stopped 500 Ransomware Hacks Since 2021, DHS Says - Bloomberg https://www.bloomberg.com/news/newsletters/2024-10-04/cyber-cops-stopped-500-ransomware-hacks-since-2021-dhs-says

07/10/2024 06:49:20

Homeland Security Investigations is stopping hacks before they occur.

GTA 6 Hacker Arion Kurtaj Became a Legend Attacking Companies. Then His Rivals Attacked Him https://www.wsj.com/tech/cybersecurity/arion-kurtaj-hacker-468e6cad?st=Wp2b7a&reflink=desktopwebshare_permalink

07/10/2024 06:48:58

The City of London Police had put the teenage boy in the suburban Travelodge to protect him. They even set up a code with him and his mom to signal it was safe to open the door: “Lucky lucky.”

Then they grew suspicious.

The teen had a history with the police. It was September 2022, and 17-year-old Arion Kurtaj had been arrested twice earlier that year for his alleged role in a hacking group that stole data and demanded ransoms from some of the world’s biggest tech companies. Kurtaj, who is autistic, was released both times. The second time, that March, he had been let go under the condition that he stay offline.

Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities https://thehackernews.com/2024/10/alert-over-700000-draytek-routers.html

06/10/2024 23:34:29

14 new DrayTek router vulnerabilities, including critical flaws, could allow attackers to take control. Patch now

perfctl: A Stealthy Malware Targeting Millions of Linux Servers https://www.aquasec.com/blog/perfctl-a-stealthy-malware-targeting-millions-of-linux-servers/

06/10/2024 23:32:52

Perfctl is particularly elusive and persistent malware employing several sophisticated techniques

Arrests in international operation targeting cybercriminals in West Africa https://www.interpol.int/en/News-and-Events/News/2024/Arrests-in-international-operation-targeting-cybercriminals-in-West-Africa

06/10/2024 23:28:39

Eight individuals have been arrested as part of an ongoing international crackdown on cybercrime, dealing a major blow to criminal operations in Côte d’Ivoire and Nigeria.

The arrests were made as part of INTERPOL’s Operation Contender 2.0, an initiative aimed at combating cyber-enabled crimes, primarily in West Africa, through enhanced international intelligence sharing.

Phishing scam targets Swiss citizens

In Côte d’Ivoire authorities dismantled a large-scale phishing scam, thanks to a collaborative effort with Swiss police and INTERPOL.

Liens par page

Filtres