Recherche : [2025] - Cyberveille

Hackers Claim Massive Breach of Location Data Giant, Threaten to Leak Data https://www.404media.co/hackers-claim-massive-breach-of-location-data-giant-threaten-to-leak-data/

09/01/2025 16:40:34

Gravy Analytics has been one of the most important companies in the location data industry for years, collating smartphone location data from around the world selling some to the U.S. government. Hackers say they stole a mountain of data.

Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day/?hl=en

09/01/2025 08:50:08

Zero-day exploitation of Ivanti Connect Secure VPN vulnerabilities since as far back as December 2024.

On Wednesday, Jan. 8, 2025, Ivanti disclosed two vulnerabilities, CVE-2025-0282 and CVE-2025-0283, impacting Ivanti Connect Secure (“ICS”) VPN appliances. Mandiant has identified zero-day exploitation of CVE-2025-0282 in the wild beginning mid-December 2024. CVE-2025-0282 is an unauthenticated stack-based buffer overflow. Successful exploitation could result in unauthenticated remote code execution, leading to potential downstream compromise of a victim network.

CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild | Rapid7 Blog https://www.rapid7.com/blog/post/2025/01/08/etr-cve-2025-0282-ivanti-connect-secure-zero-day-exploited-in-the-wild/

09/01/2025 08:47:40

On Wednesday, January 8, 2025, Ivanti disclosed two CVEs affecting Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. CVE-2025-0282 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the target device. CVE-2025-0283 is a stack-based buffer overflow that allows local authenticated attackers to escalate privileges on the device.

"Ils nous ont contactés via une messagerie cryptée pour obtenir une rançon" : cette cyberattaque rend la vie impossible aux éleveurs https://france3-regions.francetvinfo.fr/nouvelle-aquitaine/haute-vienne/limoges/impossible-d-acceder-a-cette-page-cette-cyberattaque-qui-rend-la-vie-impossible-aux-eleveurs-du-sud-ouest-depuis-la-mi-decembre-3085180.html

08/01/2025 16:17:28

Alors que plusieurs sites internet de collectivités sont victimes de piratages en France, le secteur agricole est, lui aussi, touché. Depuis la nuit du 14 au 15 décembre, la plateforme en ligne permettant l'identification...

Casio says hackers stole personal data of 8,500 people during October ransomware attack https://techcrunch.com/2025/01/08/casio-says-hackers-stole-personal-data-of-8500-people-during-october-ransomware-attack/

08/01/2025 12:29:13

The Japanese electronics giant says it did not negotiate with the hackers responsible for the attack.

PowerSchool hack exposes student, teacher data from K-12 districts https://www.bleepingcomputer.com/news/security/powerschool-hack-exposes-student-teacher-data-from-k-12-districts/

08/01/2025 09:48:28

Education software giant PowerSchool has confirmed it suffered a cybersecurity incident that allowed a threat actor to steal the personal information of students and teachers from school districts using its PowerSchool SIS platform.

Hackers reportedly compromise Argentina’s airport security payroll system | The Record from Recorded Future News https://therecord.media/hackers-target-airport-security-payroll

07/01/2025 09:08:45

The hackers gained access to the airport security police's payroll records and deducted small amounts from employee salaries.

Chinese hackers also breached Charter and Windstream networks https://www.bleepingcomputer.com/news/security/charter-and-windstream-among-nine-us-telecoms-hacked-by-china/

07/01/2025 09:00:30

More U.S. companies have been added to the list of telecommunications firms hacked in a wave of breaches by a Chinese state-backed threat group tracked as Salt Typhoon.

How Chinese Hackers Graduated From Clumsy Corporate Thieves to Military Weapons https://www.wsj.com/tech/cybersecurity/typhoon-china-hackers-military-weapons-97d4ef95?st=gqqybq&reflink=desktopwebshare_permalink

06/01/2025 06:39:48

Massive ‘Typhoon’ cyberattacks on U.S. infrastructure and telecoms sought to lay groundwork for potential conflict with Beijing, as intruders gathered data and got in position to impede response and sow chaos

Rhode Island warns of cybercriminals leaking stolen state files as Deloitte works to restore system https://therecord.media/rhode-island-data-breach-deloitte

04/01/2025 12:14:37

Rhode Island officials said they're still analyzing the impact of a ransomware gang's breach of state health and social services systems. Some are still down.

US sanctions Chinese cyber firm linked to Flax Typhoon hacks | TechCrunch https://techcrunch.com/2025/01/03/us-sanctions-chinese-cyber-firm-linked-to-flax-typhoon-hacks/

04/01/2025 10:44:34

U.S. officials say the sanctioned Chinese firm provided botnet infrastructure for the China-backed hacking group Flax Typhoon

Finnish police detain Russian 'ghost fleet' ship crew as cable damage probe continues https://www.euronews.com/my-europe/2025/01/03/police-in-finland-say-eagle-s-crew-detained-as-estlink-2-cable-damage-probe-continues

03/01/2025 12:19:47

The Eagle S is suspected of damaging the Estlink-2 power cable which runs under the Baltic Sea between Finland and Estonia by dragging its anchor along the seabed on Christmas Day.

Police in Finland say the crew of a Russia-linked tanker suspected of damaging a power cable under the Baltic Sea have been detained indefinitely.

The Eagle S crew consists of 24 people with Finland’s Central Criminal Police imposing movement restrictions on eight.

Liens par page

Filtres