Cyberveille, curated by Decio
page 28 / 76
1513 results tagged 2024
Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules https://www.aon.com/en/insights/cyber-labs/unveiling-sedexp
25/08/2024 19:50:44

Stroz Friedberg identified a stealthy malware, dubbed “sedexp,” utilizing Linux udev rules to achieve persistence and evade detection. This advanced threat, active since 2022, hides in plain sight while providing attackers with reverse shell capabilities and advanced concealment tactics.

aon EN 2024 sedexp Linux Malware udev Rules
Cyberattack against Swisscom: DDoS attack repelled https://www.bluewin.ch/fr/infos/economie/cyberattaque-contre-swisscom-services-de-paiement-en-panne-2337458.html
24/08/2024 23:27:17

Swisscom was targeted on Friday at around 11:30 a.m. by a cyberattack that paralyzed payment services such as Twint. The DDoS attack was repelled at around 4:00 p.m. Experts nevertheless continued to monitor the situation closely.

bluewin FR CH 2024 Swisscom DDoS twint paralysé paiement
Microsoft Copilot Studio Vulnerability Led to Information Disclosure https://www.securityweek.com/microsoft-copilot-studio-vulnerability-led-to-information-disclosure/
24/08/2024 12:38:26

A vulnerability in Microsoft Copilot Studio could be exploited to access sensitive information on the internal infrastructure used by the service, Tenable reports.

The flaw, tracked as CVE-2024-38206 (CVSS score of 8.5) and described as a ‘critical’ information disclosure bug, has been fully mitigated, Microsoft said in an August 6 advisory.

securityweek EN 2024 Microsoft Copilot Studio Vulnerability information disclosure bug CVE-2024-38206
MIFARE Classic: exposing the static encrypted nonce variant... and a few hardware backdoors https://blog.quarkslab.com/mifare-classic-static-encrypted-nonce-and-backdoors.html
24/08/2024 12:34:14

We studied the most secure static encrypted nonce variant of "MIFARE Classic compatible" cards -- meant to resist all known card-only attacks -- and developed new attacks defeating it, uncovering a hardware backdoor in the process. And that's only the beginning...

quarkslab NFC RFID Proxmark3 MIFARE cryptography backdoor 2024 FM11RF08S Fudan Microelectronics
Major Backdoor in Millions of RFID Cards Allows Instant Cloning https://www.securityweek.com/major-backdoor-in-millions-of-rfid-cards-allows-instant-cloning/
24/08/2024 12:31:41

French security services firm Quarkslab has made an eye-popping discovery: a significant backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics Group, a leading chip manufacturer in China.

securityweek EN 2024 RFID cards cloned Quarkslab backdoor Shanghai Fudan Microelectronics Group,
Finding Malware: Unveiling NUMOZYLOD with Google Security Operations https://www.googlecloudcommunity.com/gc/Community-Blog/Finding-Malware-Unveiling-NUMOZYLOD-with-Google-Security/ba-p/789551
24/08/2024 12:24:14

Welcome to the Finding Malware Series. The "Finding Malware" blog series is authored to empower the Google Security Operations community to

googlecloudcommunity EN 2024 NUMOZYLOD analysis malvertising
TodoSwift Disguises Malware Download Behind Bitcoin PDF https://www.kandji.io/blog/todoswift-disguises-malware-download-behind-bitcoin-pdf
24/08/2024 12:18:51

A new piece of malware that we're calling TodoSwift downloads its malicious payload alongside a seemingly legitimate piece of content about cryptocurrency.

kandji EN 2024 TodoSwift Malware Bitcoin PDF
Cthulhu Stealer malware aimed to take macOS user data https://appleinsider.com/articles/24/08/23/evolved-and-more-powerful-macos-malware-strain-sold-cheaply-to-criminals
24/08/2024 12:17:33

Researchers have discovered another data-seizing macOS malware, with "Cthulhu Stealer" sold to online criminals for just $500 a month.

appleinsider EN 2024 Cthulhu-Stealer MaaS macos
From the Depths: Analyzing the Cthulhu Stealer Malware for macOS https://www.cadosecurity.com/blog/from-the-depths-analyzing-the-cthulhu-stealer-malware-for-macos
24/08/2024 12:13:11

Cado Security has identified a malware-as-a-service (MaaS) targeting macOS users named “Cthulhu Stealer”.

cadosecurity EN 2024 Cthulhu-Stealer macos analysis MaaS malware-as-a-service
FIN7: The Truth Doesn't Need to be so STARK https://www.team-cymru.com/post/fin7-the-truth-doesn-t-need-to-be-so-stark
24/08/2024 12:11:38

First and foremost, our thanks go to the threat research team at Silent Push and the security team at Stark Industries Solutions (referred to as “Stark” from this point forwards) for their enthusiastic cooperation in the ‘behind the scenes’ efforts of this blog post. Introduction: In our opening statement, we also introduce the subject of this post: the cross-team and cross-organization collaborative efforts of Silent Push, Stark, and Team Cymru in taking action against a common and well-known adve

team-cymru EN 2024 FIN7 Stark-Industries-Solutions STARK PostLtd SmartApe investigation
Unmasking Styx Stealer: How a Hacker's Slip Led to an Intelligence Treasure Trove - Check Point Research https://research.checkpoint.com/2024/unmasking-styx-stealer-how-a-hackers-slip-led-to-an-intelligence-treasure-trove/
24/08/2024 12:05:52
  • Check Point Research (CPR) recently uncovered Styx Stealer, a new malware capable of stealing browser data, instant messenger sessions from Telegram and Discord, and cryptocurrency. Even though it only recently appeared, it has already been noticed in attacks, including those targeting our customers.
  • The developer of Styx Stealer was found to be linked to one of the Agent Tesla threat actors, Fucosreal, who was involved in a spam campaign also targeting our customers.
  • During the debugging of Styx Stealer, the developer made a fatal error and leaked data from his computer, which allowed CPR to obtain a large amount of intelligence, including the number of clients, profit information, nicknames, phone numbers, and email addresses, as well as similar data about the actor behind the Agent Tesla campaign.
checkpoint 2024 investigation OPSEC-fail StyxStealer Telegram
Qilin ransomware caught stealing credentials stored in Google Chrome https://news.sophos.com/en-us/2024/08/22/qilin-ransomware-caught-stealing-credentials-stored-in-google-chrome/
23/08/2024 10:31:13

Familiar ransomware develops an appetite for passwords to third-party sites

sophos EN 2024 ransomware Qilin Chrome passwords
Hit by ransomware, Schlatter Industries has restarted its systems (update) | ICTjournal https://www.ictjournal.ch/news/2024-08-21/touche-par-un-ransomware-schlatter-industries-a-relance-ses-systemes-update
23/08/2024 10:27:32

The IT network of the Swiss machine manufacturer Schlatter was attacked via softw

ictjournal FR CH 2024 Suisse Schlatter ransomware
NGate Android malware relays NFC traffic to steal cash https://www.welivesecurity.com/en/eset-research/ngate-android-malware-relays-nfc-traffic-to-steal-cash/
23/08/2024 10:25:56

ESET Research uncovers Android malware that relays NFC data from victims’ payment cards, via victims’ mobile phones, to the device of a perpetrator waiting at an ATM.

ESET welivesecurity EN 2024 Android malware NFC ATM
No one’s ready for this https://www.theverge.com/2024/8/22/24225972/ai-photo-era-what-is-reality-google-pixel-9
23/08/2024 09:34:53

With AI photo editing getting easy and convincing, the world isn’t prepared for an era where photographs aren’t to be trusted.

theverge EN 2024 photo-editing AI fake trust images
Security Advisory CVE-2024-40766 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015
22/08/2024 23:34:35

An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash.

This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.

sonicwall EN 2024 Advisory CVE-2024-40766
A fraudulent email signed by Swisscom is in circulation https://www.blick.ch/fr/news/suisse/attention-aux-arnaques-un-mail-frauduleux-signe-par-swisscom-est-en-circulation-id20064138.html
22/08/2024 23:34:28

Phishing scammers are becoming increasingly sophisticated. Emails are currently circulating in Swisscom's name, promising refunds for overcharged bills.

blick FR CH 2024 escrocs hameçonnage Swisscom Suisse
The CFF is struggling to get rid of Russian software https://www.blick.ch/fr/news/suisse/par-manque-dexperience-les-cff-ont-du-mal-a-se-debarrasser-dun-logiciel-russe-id20061241.html
22/08/2024 23:32:50

After the Confederation warned of cyberattacks, the CFF decided to replace its Russian software Infotrans. Easier said than done: Switzerland lacks the skills to develop its system, and this is very costly.

blick FR CH CFF Russie 2024 Infotrans logiciel russe
SolarWinds Trust Center Security Advisories | CVE-2024-28987 https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28987
22/08/2024 20:48:11

The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing a remote unauthenticated user to access internal functionality and modify data.

solarwinds EN 2024 CVE-2024-28987 hardcoded credential Advisorie WHD WebHelpDesk
Windows 0-day was exploited by North Korea to install advanced rootkit https://arstechnica.com/security/2024/08/windows-0-day-was-exploited-by-north-korea-to-install-advanced-rootkit/
21/08/2024 21:01:00

FudModule rootkit burrows deep into Windows, where it can bypass key security defenses.

arstechnica EN 2024 FudModule rootkit Lazarus rootkit CVE-2024-38193,