Recherche : [EN] - Cyberveille

He Investigates the Internet’s Most Vicious Hackers—From a Secret Location https://www.wsj.com/tech/cybersecurity/hacking-brian-krebs-snowflake-waifu-49b87fce?st=9G8m8W&reflink=desktopwebshare_permalink

13/12/2024 23:59:56

In the increasingly dangerous world of cybercrime, Brian Krebs faces threats, manipulation and the odd chess challenge

NodeLoader Used to Deliver Malware https://www.zscaler.com/blogs/security-research/nodeloader-exposed-node-js-malware-evading-detection

13/12/2024 18:13:49

A technical analysis of how a malware campaign using a game cheat lure leverages Node.js to distribute XMRig, Lumma and Phemedrone Stealer.

Citrix Denial of Service: Analysis of CVE-2024-8534 https://www.assetnote.io/resources/research/citrix-denial-of-service-analysis-of-cve-2024-8534

13/12/2024 08:28:16

An analysis of CVE-2024-8534, a memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway.

Threat Actors Push ClickFix Fake Browser Updates Using Stolen Credentials https://www.godaddy.com/resources/news/threat-actors-push-clickfix-fake-browser-updates-using-stolen-credentials

12/12/2024 12:02:49

ClickFix fake browser updates are being distributed by bogus WordPress plugins. Learn about the common indicators of compromise.

Unveiling Dark Internet Service Providers: Bulletproof Hosting | by team | Dec, 2024 | Medium https://medium.com/@knownsec404team/unveiling-dark-internet-service-providers-bulletproof-hosting-243ddb2b787d

11/12/2024 11:06:24

Bulletproof hosting services provide the infrastructure for cybercriminal activities, enabling criminals to evade legal constraints and are often used for malware, hacking attacks, fraudulent…

NATO to launch new cyber center by 2028: Official https://breakingdefense.com/2024/12/nato-to-launch-new-cyber-center-by-2028-official/

11/12/2024 11:05:55

The center, called the NATO Integrated Cyber Defense Center, will have multiple locations, but will be headquartered in Mons, Belgium.

'Operation Digital Eye' Attack Targets European IT Orgs https://www.darkreading.com/cyberattacks-data-breaches/operation-digital-eye-attack-targets-european-it-orgs

10/12/2024 12:16:03

A Chinese threat actor infiltrated several IT and security companies in a bring-your-own VS code, with an eye to carrying out a supply-chain-based espionage attack.

Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection - Flatt Security Research https://flatt.tech/research/posts/compromising-openwrt-supply-chain-sha256-collision/

10/12/2024 10:31:54

In this article, I explained how I could compromise the sysupgrade.openwrt.org service by exploiting the command injection and the SHA-256 collision.
As I never found the hash collision attack in a real-world application, I was surprised that I could successfully exploit it by brute-forcing hashes.

Fraudulent shopping sites tied to cybercrime marketplace taken offline https://www.europol.europa.eu/media-press/newsroom/news/fraudulent-shopping-sites-tied-to-cybercrime-marketplace-taken-offline

10/12/2024 09:00:53

The investigation began in the autumn of 2022, following reports of fraudulent phone calls in which scammers impersonated bank employees to extract sensitive information, such as addresses and security answers, from victims. The stolen data was traced back to a specialised online marketplace that operated as a central hub for the trade of illegally obtained information.A central hub for cyber...

On These Apps, the Dark Promise of Mothers Sexually Abusing Children https://www.nytimes.com/2024/12/07/us/child-abuse-apple-google-apps.html

09/12/2024 20:49:11

Smartphone apps downloaded from Apple and Google can allow parents and other abusers to connect with pedophiles who pay to watch — and direct — criminal behavior.

BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA https://www.volexity.com/blog/2024/11/15/brazenbamboo-weaponizes-forticlient-vulnerability-to-steal-vpn-credentials-via-deepdata/

09/12/2024 18:54:45

What a new threat report says about Mac malware in 2024 https://appleinsider.com/articles/24/12/04/what-a-new-threat-report-says-about-mac-malware-in-2024

09/12/2024 14:02:09

Apple's macOS has been under siege in 2024 as malware-as-a-service platforms and AI-driven threats make the year a turning point for Mac security.

Moonlock's 2024 macOS threat report https://moonlock.com/moonlock-2024-macos-threat-report

09/12/2024 14:00:04

A deep dive into macOS malware this year.

Why Phishers Love New TLDs Like .shop, .top and .xyz https://krebsonsecurity.com/2024/12/why-phishers-love-new-tlds-like-shop-top-and-xyz/

09/12/2024 13:54:53

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) -- such as .shop, .top, .xyz -- that attract scammers with rock-bottom…

Zero-Day: How Attackers Use Corrupted Files to Bypass Detection https://any.run/cybersecurity-blog/corrupted-files-attack/

09/12/2024 12:13:02

See technical analysis of a zero-day attack that uses corrupted malicious files to bypass detection by advanced security systems.

Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia https://www.cyfirma.com/research/unidentified-threat-actor-utilizes-android-malware-to-target-high-value-assets-in-south-asia/

09/12/2024 11:43:26

The team at CYFIRMA analyzed a malicious Android sample designed to target high-value assets in Southern Asia. This sample, attributed to an unknown threat actor, was generated using the Spynote Remote Administration Tool. While the specifics of the targeted asset remain confidential, it is likely that such a target would attract the interest of APT groups. However, we are restricted from disclosing further details about the actual target and its specific region. For a comprehensive analysis, please refer to the detailed report