Researchers have disclosed details of a new security vulnerability in GitLab, an open-source DevOps software, that could potentially allow a remote, unauthenticated attacker to recover user-related information.

• Proofpoint has identified a likely nation-state sponsored phishing campaign using a possibly compromised Ukrainian armed service member’s email account to target European government personnel involved in managing the logistics of refugees fleeing Ukraine.
• The email included a malicious macro attachment which attempted to download a Lua-based malware dubbed SunSeed.
• The infection chain used in this campaign bears significant similarities to a historic campaign Proofpoint observed in July 2021, making it likely the same threat actor is behind both clusters of activity.
• Proofpoint is releasing this report in an effort to balance accuracy with responsibility to disclose actionable intelligence during a time of high-tempo conflict.

Dans un exercice d'équilibriste, l'Anssi a demandé aux entreprises de s'interroger sur l'utilisation des solutions de l'éditeur Kaspersky du fait des liens avec la Russie. Elle prône à moyen terme une diversification des outils de sécurité.

Les tensions internationales actuelles causées par l’invasion de l’Ukraine par la Russie s’accompagnent d’effets dans le cyberespace. Si les combats en Ukraine sont principalement conventionnels, l’ANSSI constate l’usage de cyberattaques dans le cadre du conflit. Dans un espace numérique sans frontières, ces cyberattaques peuvent affecter des entités françaises et il convient sans céder à la panique de l’anticiper et de s’y préparer. Aussi, afin de réduire au maximum la probabilité de tels événements et d’en limiter les effets, l’ANSSI partage des bonnes pratiques de sécurité ainsi que des éléments sur la menace et invite l’ensemble des acteurs à s’en saisir. A cette fin, ce bulletin centralise et diffuse les éléments d’intérêt cyber en lien avec le contexte actuel pour favoriser le renforcement du niveau de protection de l’ensemble des entités françaises. Il sera mis à jour régulièrement.

Activity in the digital domain may affect the war in Eastern Europe at the margins, but it will not decide it. That should tell us something about the West’s cyber posture.

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million…

A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees.

Toyota Motor Corp said it will suspend domestic factory operations on Tuesday, losing around 13,000 cars of output, after a supplier of plastic parts and electronic components was hit by a suspected cyber attack.

A Ukrainian cyber guerrilla warfare group plans to launch digital sabotage attacks against critical Russian infrastructure such as railways and the electricity grid, to strike back at Moscow over its invasion, a hacker team coordinator told Reuters.

La société confirme des informations indiquant que ses développeurs ont été confrontés à deux jours de pannes.

Meanwhile, the hackers behind the breach are now releasing some of the stolen files on the web.

Actions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. Leading up to Russia’s unprovoked attack against Ukraine, threat actors deployed destructive malware against organizations in Ukraine to destroy computer systems and render them inoperable. 

ESET researchers uncover IsaacWiper, a new wiper that attacks Ukrainian organizations and HermeticWizard, a worm spreading HermeticWiper in local networks.

Dans le cadre d'un programme de l'Union européenne, des experts en cybersécurités de plusieurs États membres vont soutenir l'Ukraine.

A Ukrainian cybersecurity researcher has released a huge batch of data that came from the internal systems of the Conti ransomware gang. The researcher released the

L’Université de Neuchâtel a été touchée par une cyberattaque.

Apple's AirTags, its cheap and cheerful trackers, have proven increasingly dangerous. Unfortunately, there's no easy way of making them safer

FTX’s Sam Bankman-Fried, Chain.com CEO Deepak Thapliyal made significant donations to the humanitarian effort.

A Chinese security firm released a detailed report about what it says is malware created by Equation Group, a hacking group widely believed to be the NSA.

Google will no longer allow Russian state media outlets to run ads, following a similar decision on Saturday by the tech giant's video subsidiary, YouTube.