Recherche : [EN] - Cyberveille

Google Play hides app permissions in favor of developer-written descriptions https://arstechnica.com/gadgets/2022/07/google-plays-new-privacy-section-actually-hides-app-permissions/

17/07/2022 22:11:23

Let's hope nobody lies about what permissions their app uses.

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud https://www.microsoft.com/security/blog/2022/07/12/from-cookie-theft-to-bec-attackers-use-aitm-phishing-sites-as-entry-point-to-further-financial-fraud/

17/07/2022 21:33:46

A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA).

Ongoing phishing campaign can hack you even when you’re protected with MFA https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/

17/07/2022 21:30:40

Campaign that steals email has targeted at least 10,000 organizations since September.

European Central Bank head targeted in hacking attempt https://apnews.com/article/technology-angela-merkel-european-central-bank-4cd599a7502d9617a401155abf054502

17/07/2022 21:14:04

BERLIN (AP) — The European Central Bank said Tuesday that its president, Christine Lagarde, was targeted in a hacking attempt but no information was compromised. The attempt took place “recently,” the Frankfurt-based central bank for the 19 countries that use the euro said in an emailed response to a query about a report by Business Insider.

ChromeLoader: New Stubborn Malware Campaign https://unit42.paloaltonetworks.com/chromeloader-malware/

17/07/2022 08:47:41

In January 2022, a new browser hijacker/adware campaign named ChromeLoader (also known as Choziosi Loader and ChromeBack) was discovered. Despite using simple malicious advertisements, the malware became widespread, potentially leaking data from thousands of users and organizations.

The Trojan Horse Malware & Password “Cracking” Ecosystem Targeting Industrial Operators https://www.dragos.com/blog/the-trojan-horse-malware-password-cracking-ecosystem-targeting-industrial-operators/

16/07/2022 21:08:50

Learn more about Dragos's discovery of an exploit introduced through password "cracking" software that targets industrial engineers and operators.

Vice Society: a discreet but steady double extortion ransomware group https://blog.sekoia.io/vice-society-a-discreet-but-steady-double-extortion-ransomware-group/

15/07/2022 22:47:27

Vice Society is a little-known double extortion group that exfiltrates its victims' data and threatens its victims to leak their information.

How to Assess an E-voting System https://freedom-to-tinker.com/2022/06/27/how-to-assess-an-e-voting-system/

15/07/2022 22:25:29

If I can shop and bank online, why can’t I vote online? David Jefferson explained in 2011 why internet voting is so difficult to make secure, I summarized again in 2021 why internet voting is still inherently insecure, and many other experts have explained it too. Still, several countries and several U.S. states have offered e-voting to some of their citizens. In many cases they plunge forward without much consideration of whether their e-voting system is really secure, or whether it could be hacked to subvert democracy. It’s not enough just to take the software vendor’s word for it.

The US military wants to understand the most important software on Earth https://www.technologyreview.com/2022/07/14/1055894/us-military-sofware-linux-kernel-open-source/

15/07/2022 22:19:12

Open-source code runs on every computer on the planet—and keeps America’s critical infrastructure going. DARPA is worried about how well it can be trusted

A New Attack Can Unmask Anonymous Users on Any Major Browser https://www.wired.com/story/web-deanonymization-side-channel-attack-njit/

14/07/2022 21:03:17

Researchers have found a way to use the web's basic functions to identify who visits a site—without the user detecting the hack.

Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog https://www.microsoft.com/security/blog/2022/07/13/uncovering-a-macos-app-sandbox-escape-vulnerability-a-deep-dive-into-cve-2022-26706/

13/07/2022 21:44:52

Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple, and fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates on May 16, 2022.

Europe’s PegasusGate: Countering spyware abuse https://epthinktank.eu/2022/07/07/europes-pegasusgate-countering-spyware-abuse/

13/07/2022 21:13:19

As civil society and media organisations expose EU Member States' use of the Pegasus commercial spyware, one of the most high-profile spying scandals of recent years is coming to light in Europe.

Retbleed – serious vulnerability discovered in microprocessors https://www.ncsc.admin.ch/retbleed-en

12/07/2022 21:32:11

12.07.2022 - Security researchers from the ETH Zürich have discovered a serious security vulnerability in Intel and AMD microprocessors. The vulnerability, called Retbleed, potentially allows an attacker to access any memory area. Initial countermeasures have already been defined. The NCSC has assigned the internationally valid CVE identifiers for the vulnerability of both manufacturers.

Verified Twitter accounts phished via hate speech warnings https://blog.malwarebytes.com/social-engineering/2022/07/verified-twitter-accounts-phished-via-hate-speech-warnings/

12/07/2022 18:55:28

We take a look at reports that verified Twitter accounts are being targeted by scammers with claims of hate speech.

Predatory Sparrow: Who are the hackers who say they started a fire in Iran? https://www.bbc.com/news/technology-62072480

11/07/2022 20:08:45

Experts are asking who is behind Predatory Sparrow, the group which says it started a fire in an Iranian factory.

THREAT ALERT: Raspberry Robin Worm Abuses Windows Installer and QNAP Devices https://www.cybereason.com/blog/threat-alert-raspberry-robin-worm-abuses-windows-installer-and-qnap-devices

11/07/2022 09:53:24

Raspberry Robin involves a worm that spreads over USB devices or shared folders, leveraging compromised QNAP (Network Attached Storage or NAS) devices as stagers and an old but still effective method of using “LNK” shortcut files to lure its victims...

How Conti ransomware group crippled Costa Rica https://www.ft.com/content/9895f997-5941-445c-9572-9cef66d130f5

11/07/2022 07:47:59

Nation struggles in aftermath of president’s refusal to pay to end cyber attack, even as hacking group collapsed

'I can fight with a keyboard': How one Ukrainian IT specialist exposed a notorious Russian ransomware gang https://www.cnn.com/2022/03/30/politics/ukraine-hack-russian-ransomware-gang/index.html

10/07/2022 22:19:55

As Russian artillery began raining down on his homeland last month, one Ukrainian computer researcher decided to fight back the best way he knew how -- by sabotaging one of the most formidable ransomware gangs in Russia.

Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents https://www.cyberscoop.com/gonjeshke-darande-israel-hackers-iran-steel-hacktivist/

10/07/2022 22:02:04

Incident just the latest iteration of the back and forth between Israeli and Iranianian-aligned hackers.

Google Let Sberbank-Owned RuTarget Harvest User Data for Months https://www.propublica.org/article/google-russia-rutarget-sberbank-sanctions-ukraine

09/07/2022 18:43:48

The internet giant may have provided Sberbank-owned RuTarget with unique mobile phone IDs, IP addresses, location information and details about users’ interests and online activity.

Liens par page

Filtres