Cyberveille

CVE-2023-23415 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415

14/03/2023 22:48:05

Ransomware Group Claims Hack of Amazon's Ring https://www.vice.com/en/article/qjvd9q/ransomware-group-claims-hack-of-amazons-ring

14/03/2023 19:47:22

The group is blackmailing Ring on its site: "There's always an option to let us leak your data," they posted.

Growing cyberattacks on Canada's food system threaten disaster https://financialpost.com/cybersecurity/growing--canada-food-system-threaten-disaster

14/03/2023 14:38:49

Canada's domestic food production system may actually be one of the most glaring cracks in Canada's national defences.
...
Attacking agricultural infrastructure has proven to be an effective part of the Russian playbook so far in its invasion of Ukraine. In June 2022, EU trade counsellor Maud Labat said Moscow has figured out how to wield food as a “geopolitical weapon.”

Prometei botnet improves modules and exhibits new capabilities in recent updates https://blog.talosintelligence.com/prometei-botnet-improves/

13/03/2023 20:51:59

The high-profile botnet, focused on mining cryptocurrency, is back with new Linux versions.

Rogue CyberSecurity Company Employee Tried To Sell Powerful, Stolen iPhone Malware For $50-Million https://josephsteinberg.com/rogue-cybersecurity-company-employee-tried-to-sell-powerful-stolen-iphone-malware-for-50-million/

13/03/2023 20:46:28

An employee of cyberweapon manufacturer, NSO Group, tried to sell advanced malware to unauthorized parties for $50-Million, according to an Israeli indictment unsealed last week against the individual in question. About two years ago, Herzliya-based NSO Group developed a powerful cyberweapon called Pegasus, which operated as malware that exploited three previously unknown vulnerabilities in iPhones […]

GoBruteforcer: Golang-Based Botnet Actively Harvests Web Servers https://unit42.paloaltonetworks.com/gobruteforcer-golang-botnet/

13/03/2023 20:01:14

New Golang-based malware we have dubbed GoBruteforcer targets web servers. Golang is becoming popular with malware programmers due to its versatility.

Czech cybersecurity office labels TikTok a security threat https://www.euractiv.com/section/politics/news/czech-cybersecurity-office-labels-tiktok-a-security-threat/

13/03/2023 12:02:09

The state cybersecurity watchdog issued an official warning and labelled the Chinese application TokTok as a threat, following in the footsteps of the US, the European Commission and Canada.

Ransomware gang posts video of data stolen from Minneapolis schools https://www.bleepingcomputer.com/news/security/ransomware-gang-posts-video-of-data-stolen-from-minneapolis-schools/

12/03/2023 19:01:01

The Medusa ransomware gang is demanding a $1,000,000 ransom from the Minneapolis Public Schools (MPS) district to delete data allegedly stolen in a ransomware attack.

Medusa ransomware gang picks up steam as it targets companies worldwide https://www.bleepingcomputer.com/news/security/medusa-ransomware-gang-picks-up-steam-as-it-targets-companies-worldwide/

12/03/2023 17:53:26

A ransomware operation known as Medusa has begun to pick up steam in 2023, targeting corporate victims worldwide with million-dollar ransom demands.

Who’s Behind the NetWire Remote Access Trojan? https://krebsonsecurity.com/2023/03/whos-behind-the-netwire-remote-access-trojan/

10/03/2023 22:54:28

A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of…

Telehealth startup Cerebral shared millions of patients' data with advertisers https://techcrunch.com/2023/03/10/cerebral-shared-millions-patient-data-advertisers/

10/03/2023 16:48:12

The startup shared millions of patients' personal information and health data with Google, Facebook, and TikTok.

Netcat Attack Cases Targeting MS-SQL Servers (LOLBins) https://malware.news/t/netcat-attack-cases-targeting-ms-sql-servers-lolbins/67806

10/03/2023 08:48:44

ASEC (AhnLab Security Emergency response Center) has recently discovered the distribution of the Netcat malware targeting poorly managed MS-SQL servers. Netcat is a utility that allows users to send and receive data from…

Israeli Firm Suspected of Illegally Selling Classified Spy Tech https://www.haaretz.com/israel-news/security-aviation/2023-03-08/ty-article/.premium/israel-firm-nfv-systems-illegally-selling-classified-spy-tech/00000186-bceb-d2e9-a7df-bdef014c0000

09/03/2023 22:19:19

Haaretz reveals NFV Systems’ surveillance tools; firm under investigation by secretive Israeli body for skirting arms export controls, in case that may ‘damage national security’

CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks | CISA https://www.cisa.gov/news-events/alerts/2023/02/28/cisa-red-team-shares-key-findings-improve-monitoring-and-hardening-networks

09/03/2023 18:44:03

Today, CISA released a Cybersecurity Advisory, CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks. This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key findings to provide network defenders proactive steps to reduce the threat of similar activity from malicious cyber actors.

SCARLETEEL: Operation leveraging Terraform, Kubernetes, and AWS for data theft https://sysdig.com/blog/cloud-breach-terraform-data-theft/

09/03/2023 18:42:29

The Sysdig Threat Research Team recently discovered a sophisticated cloud operation in a customer environment, dubbed SCARLETEEL.

Alerte sur des tentatives de piratage de comptes bancaires en Suisse https://www.letemps.ch/economie/alerte-tentatives-piratage-comptes-bancaires-suisse

09/03/2023 16:41:35

Le Centre national pour la cybersécurité lance un avertissement: les cybercriminels ont accès à des comptes bancaires, malgré des mesures de protection élevées, en incitant les victimes à leur fournir des informations. Raiffeisen est notamment concernée

Gang leaks Lehigh Valley Health Network cancer patient photos as part of data hack https://www.lehighvalleylive.com/business/2023/03/gang-leaks-lehigh-valley-health-network-cancer-patient-photos-as-part-of-data-hack.html

08/03/2023 22:30:34

A ransomware gang has posted photos of Lehigh Valley Health Network cancer patients on the dark web after the health network refused to pay a ransom last month following a cyberattack.

New HiatusRAT router malware covertly spies on victims - Lumen https://blog.lumen.com/new-hiatusrat-router-malware-covertly-spies-on-victims/

08/03/2023 21:38:44

Lumen Black Lotus Labs identified a new campaign involving compromised routers. HiatusRAT allows threat actors to remotely interact with the system.

A Noteworthy Threat: How Cybercriminals are Abusing OneNote https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/a-noteworthy-threat-how-cybercriminals-are-abusing-onenote-part-1/

08/03/2023 21:34:33

Threat actors are taking advantage of Microsoft OneNote's ability to embed files and use social engineering techniques, such as phishing emails and lures inside the OneNote document, to get unsuspecting users to download and open malicious files.

CVE-2023-27532 https://www.veeam.com/kb4424?s=09

08/03/2023 19:14:41

Vulnerability CVE-2023-27532 in a Veeam Backup & Replication component allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.

Liens par page

Filtres