Recherche : [2023] - Cyberveille

Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN https://www.volexity.com/blog/2024/01/10/active-exploitation-of-two-zero-day-vulnerabilities-in-ivanti-connect-secure-vpn/

11/01/2024 08:45:03

Volexity has uncovered active in-the-wild exploitation of two vulnerabilities allowing unauthenticated remote code execution in Ivanti Connect Secure VPN appliances. An official security advisory and knowledge base article have been released by Ivanti that includes mitigation that should be applied immediately. However, a mitigation does not remedy a past or ongoing compromise. Systems should simultaneously be thoroughly analyzed per details in this post to look for signs of a breach.

Ransomware gang takes credit for Christmas attack on global Lutheran organization https://therecord.media/world-council-churches-lutheran-world-federation-cyberattacks

09/01/2024 09:17:05

The World Council of Churches reported an incident in December, and the Lutheran World Federation said it experienced a related incident. The Rhysida gang claimed it carried out the attack on the federation.

WCC hit by ransomware attack https://oikoumene.org/news/wcc-hit-by-ransomware-attack

09/01/2024 09:16:22

The World Council of Churches (WCC) communications systems have been hacked by a ransomware group.

Compromising Google Accounts: Malwares Exploiting Undocumented OAuth2 Functionality for session hijacking https://www.cloudsek.com/blog/compromising-google-accounts-malwares-exploiting-undocumented-oauth2-functionality-for-session-hijacking

08/01/2024 16:19:25

A detailed blog on Analysis of the Global Malware Trend: Exploiting Undocumented OAuth2 Functionality to Regenerate Google Service Cookies Regardless of IP or Password Reset.

LastPass to enforce a 12-character requirement for master passwords https://www.scmagazine.com/news/lastpass-to-enforce-a-12-character-requirement-for-master-passwords?is=e4f6b16c6de31130985364bb824bcb39ef6b2c4e902e4e553f0ec11bdbefc118

08/01/2024 11:01:45

Security pros say while the 12-character requirement by LastPass is a step in the right direction, teams still need to enforce multi-factor authentication and practice continuous monitoring.

CVE-2023-27532 https://attackerkb.com/topics/ALUsuJioE5/cve-2023-27532/rapid7-analysis

08/01/2024 09:10:00

Veeam Backup & Replication is a data backup and replication solution. On March 7, 2023, Veeam published an advisory, along with patches, for https://nvd.nist.g…

ALPHV Ransomware Claims Cyberattack on US Firm Ultra Intelligence and Communications https://thecyberexpress.com/cyberattack-on-ultra-intelligence-and-communications/

07/01/2024 12:50:41

Russian-speaking BlackCat/ALPHV ransomware group has claimed to have carried out a cyberattack on Ultra Intelligence and Communications, a US-based company

Three New Malicious PyPI Packages Deploy CoinMiner on Linux Devices | FortiGuard Labs https://www.fortinet.com/blog/threat-research/malicious-pypi-packages-deploy-coinminer-on-linux-devices

05/01/2024 18:44:07

FortiGuard Labs cover the attack phases of three new PyPI packages that bear a resemblance to the culturestreak PyPI package discovered earlier this year. Learn more.

Canton de Berne: Suite à une faille de sécurité dans un système informatique: plusieurs personnes prévenues identifiées et perquisitions effectuées https://www.police.be.ch/fr/start/themen/news/medienmitteilungen.html?newsID=099d36b4-274c-49fc-98e5-7da0ea68be86

05/01/2024 10:24:51

Suite à une faille de sécurité, l’été dernier, dans l’application «MobileIron», également utilisée par la Police cantonale bernoise, des données d’utilisatrices et d’utilisateurs avaient manifestement pu être téléchargées et consultées. Une enquête a permis d’identifier plusieurs personnes prévenues. De plus amples investigations sont en cours.

Weak password and infostealer blamed for Orange Spain outage https://www.theregister.com/2024/01/04/orange_spain_outage_breach/

05/01/2024 08:36:11

No 2FA or special characters to prevent database takeover and BGP hijack

The State of Ransomware in the U.S.: Report and Statistics 2023 https://www.emsisoft.com/en/blog/44987/the-state-of-ransomware-in-the-u-s-report-and-statistics-2023/

03/01/2024 18:29:06

The U.S. was bombarded by financially-motivated ransomware attacks throughout 2023. This report looks at the numbers, the costs and the solution.

Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop https://securityaffairs.com/156709/cyber-crime/cactus-ransomware-coop-sweden.html

03/01/2024 18:10:24

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden.

The biggest cybersecurity and cyberattack stories of 2023 https://www.bleepingcomputer.com/news/security/the-biggest-cybersecurity-and-cyberattack-stories-of-2023/

03/01/2024 16:50:12

2023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities.

La ville de Nyon se cherche un SOC https://www.ledecodeur.ch/2024/01/03/la-ville-de-nyon-se-cherche-un-soc/

03/01/2024 14:16:51

Un centre opérationnel de sécurité (SOC) est essentiel pour la surveillance continue des cybermenaces et être en mesure de répondre rapidement à un incident. La ville de Nyon a lancé

Porsche To Kill ICE-Powered Macan In Europe Over Cybersecurity Laws | Carscoops https://www.carscoops.com/2023/12/porsche-to-kill-ice-powered-macan-in-europe-over-cybersecurity-laws/

03/01/2024 14:10:02

Porsche's best-selling model will be discontinued from markets within the European Union in spring of 2024

smith (CVE-2023-32434) https://github.com/felix-pb/kfd/blob/main/writeups/smith.md

03/01/2024 13:50:10

This write-up presents an exploit for a vulnerability in the XNU kernel:

Assigned CVE-2023-32434.
Fixed in iOS 16.5.1 and macOS 13.4.1.
Reachable from the WebContent sandbox and might have been actively exploited.
*Note that this CVE fixed multiple integer overflows, so it is unclear whether or not the integer overflow used in my exploit was also used in-the-wild. Moreover, if it was, it might not have been exploited in the same way.
The exploit has been successfully tested on:
iOS 16.3, 16.3.1, 16.4 and 16.5 (iPhone 14 Pro Max)
macOS 13.1 and 13.4 (MacBook Air M2 2022)
All code snippets shown below are from xnu-8792.81.2.

D-Link D-View 8 Unauthenticated Probe-Core Server Communication https://www.tenable.com/security/research/tra-2023-43

03/01/2024 12:31:36

A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of info

Downfall - A Slay the Spire Fan Expansion :: Downfall (Steam Standalone) was Breached. Please read. https://steamcommunity.com/games/1865780/announcements/detail/3865841912968681604

03/01/2024 12:26:57

UPDATE 12/29 - While there is no new alerts regarding the Steam product or risk of downloads, the Discord account remains compromised. I have reports that the account is trying to DM people and either send malware to them impersonating themselves as a developer, or trying to gain sensitive information. Do not engage with this account and absolutely do not click on any links sent.

Hackers Attack UK's Nuclear Waste Services Through LinkedIn https://www.hackread.com/linkedin-hackers-attack-uk-nuclear-waste-services/

02/01/2024 16:06:42

Fortunately for Radioactive Waste Management (RWM), the first-of-its-kind hacker attack on the project was unsuccessful.

Victoria Courts Confront Unprecedented Ransomware Assault on AV Technology Network https://thecyberexpress.com/victoria-court-ransomware-attack/

02/01/2024 15:54:04

Victoria's court system fell victim to a ransomware attack allegedly orchestrated by the Qilin ransomware gang. The Victoria court ransomware

Liens par page

Filtres