InvisiMole has been collaborating with the Gamaredon APT for years.
A search online lead me to a discovery I didn’t think was possible nowadays. I realized almost immediately that critical security issues were probably involved. I found that out of the many tens of thousands of gas stations the company claimed to have installed their product in, 1,000 are remotely hackable.
When code with millions of downloads nukes user files, bad things can happen.
La bibliothèque de chiffrement web open source OpenSSL est affectée par une vulnérabilité pouvant servir à des attaques par déni de service. Les versions 1.0.2, 1.1.1 et 3.0 doivent être mises à jour dès que possible.
In what's an act of deliberate sabotage, the developer behind the popular "node-ipc" NPM package shipped a new tampered version to condemn Russia's invasion of Ukraine, raising concerns about security in the open-source and the software supply chain.
Lors d’une conférence de presse, un responsable ukrainien a, pour la première fois, donné des détails sur les conséquences de cette cyberattaque.
At the start of 2022, CrowdStrike Intelligence and CrowdStrike Services investigated an incident in which PROPHET SPIDER exploited CVE-2021-22941 — a remote code execution (RCE) vulnerability impacting Citrix ShareFile Storage Zones Controller — to compromise a Microsoft Internet Information Services (IIS) web server. The adversary exploited the vulnerability to deploy a webshell that enabled the downloading of additional tools. This incident highlights how PROPHET SPIDER continues to evolve their tradecraft while continuing to exploit known web-server vulnerabilities.
Interview | La Suisse doit s'attendre à des cyberattaques après les sanctions contre la Russie. Seot questions à Solange Ghernaouti, experte en cybersécurité.
We recently came across a stealer, called Raccoon Stealer, a name given to it by its author. Raccoon Stealer uses the Telegram infrastructure to store and update actual C&C addresses. Raccoon Stealer is a password stealer capable of stealing not just passwords, but various types of data, including: Cookies, saved logins and forms data from […]
It is unclear what type of “Cyber Security Incident” Ubisoft suffered but on Telegram LAPSUS$ hacking group responded to the news with smirking face emoji suggesting their alleged involvement.
Western intelligence agencies are investigating a cyberattack by unidentified hackers that disrupted broadband satellite internet access in Ukraine coinciding with Russia's invasion, according to three people with direct knowledge of the incident.
Vulnerabilities found in widely-used Uninterruptible Power Supplies could allow attackers to bypass security features and remotely take over or damage critical industrial, medical, and enterprise devices
They’re accused of colluding to carve up the advertising market between them
On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks
BHI (or Spectre-BHB) is a revival of cross-privilege Spectre-v2 attacks on modern systems deploying in-hardware defenses. And we have a very neat end-to-end exploit leaking arbitrary kernel memory on modern Intel CPUs to prove it (PoC||GTFO right?).
The Danish data protection authority ('Datatilsynet') announced, on 9 March 2022, that it had published a new guide on the use of cloud services, as well as a short overview of frequently asked questions ('FAQs'). In particular, the Datatilsynet stated that the new guide is targeted at data controllers and notes the considerations which data controllers must keep in mind when using a cloud service, including an outline of the pitfalls, opportunities, and obligations that arise when using such technologies.
Document PDF
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
Des milliers de particuliers et d’entreprises européennes sont sans connexion depuis le 24 février. De plus en plus d’éléments pointent vers le sabotage d’un satellite, en lien avec le conflit ukrainien.
Geneva is a genetic algorithm that automatically learns how to evade nation state censors.
A new reflection/amplification distributed denial of service (DDoS) vector with a record-breaking potential amplification ratio of 4,294,967,296:1 has been abused by attackers in the wild to launch multiple high-impact DDoS attacks.
New method also stretches out DDoS durations to 14 hours.
