Recherche : [EN] - Cyberveille

‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections https://www.wired.com/story/amd-chip-sinkclose-flaw/

09/08/2024 14:36:10

Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer—and that it has persisted in the company’s processors for decades.

From Limited file read to full access on Jenkins (CVE-2024-23897) https://xphantom.nl/posts/crypto-attack-jenkins/

09/08/2024 14:30:26

As a red teamer, you encountered a Jenkins instance that is vulnerable to CVE-2024-23897, which allowed for limited arbitrary file read. Without credentials and with the /script endpoint inaccessible, you sought to leverage this vulnerability by revealing Hudson to decypt the credentials.

How Hackers Extracted the ‘Keys to the Kingdom’ to Clone HID Keycards https://www.wired.com/story/hid-keycard-authentication-key-vulnerability/

09/08/2024 13:13:45

A team of researchers have developed a method for extracting authentication keys out of HID encoders, which could allow hackers to clone the types of keycards used to secure offices and other areas worldwide.

ICANN approves use of .internal domain for your network https://www.theregister.com/2024/08/08/dot_internal_ratified/

09/08/2024 11:06:24

Vint Cerf revealed Google already uses the string, as do plenty of others

Treasury Sanctions Leader and Primary Member of the Cyber Army of Russia Reborn | U.S. Department of the Treasury https://home.treasury.gov/news/press-releases/jy2473

08/08/2024 13:31:12

The United States exposes the identity of and imposes sanctions on two members of the Russian government-aligned hacktivist group.WASHINGTON — Today, the United States designated Yuliya Vladimirovna Pankratova (Pankratova) and Denis Olegovich Degtyarenko (Degtyarenko), two members of the Russian hacktivist group Cyber Army of Russia Reborn (CARR) for their roles in cyber operations against U.S. critical infrastructure

Akamai Blocked 419 TB of Malicious Traffic in a 24-Hour DDoS Attack https://www.akamai.com/blog/security/akamai-blocked-419-tb-of-malicious-traffic

08/08/2024 10:49:45

On July 15, 2024, Akamai prevented one of the largest distributed denial-of-service (DDoS) cyberattacks it has ever observed against a major financial services company in Israel.

The highly sophisticated, high-volume attack lasted almost 24 hours.

The attacker deployed larger-than-usual resources, indicating a serious risk for future attacks.

Other Israeli financial institutions reportedly suffered outages and downtimes on the same day, potentially due to the same type of attack and the same aggressor.

WhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive https://summoning.team/blog/progress-whatsup-gold-rce-cve-2024-4885/?ref=x

08/08/2024 10:36:39

I discovered an unauthenticated path traversal against the latest version of progress whatsup gold and turned it into a pre-auth RCE, following is how I did it, this is the story of CVE-2024-4885

Jenkins Security Advisory 2024-08-07 CVE-2024-43044 CVE-2024-43045 https://www.jenkins.io/security/advisory/2024-08-07/#jenkins-security-advisory-2024-08-07

08/08/2024 10:13:13

Jenkins – an open source automation server which enables developers around the world to reliably build, test, and deploy their software

Windows Update Flaws Allow Undetectable Downgrade Attacks https://www.securityweek.com/safebreach-sounds-alarm-on-windows-update-flaws-allowing-undetectable-downgrade-attacks/

08/08/2024 10:07:49

Researcher showcases hack against Microsoft Windows Update architecture, turning fixed vulnerabilities into zero-days.

Open letter to UK online service providers https://www.ofcom.org.uk/topic-and-subtopics/online-safety/illegal-and-harmful-content/news-and-updates/open-letter-to-uk-online-service-providers/

08/08/2024 06:49:29

Today we've published an open letter to online service providers operating in the UK about the increased risk of their platforms being used to stir up hatred, provoke violence and commit other offences under UK law, in the context of recent acts of violence in the UK.

INTERPOL recovers over $40 million stolen in a BEC attack https://www.bleepingcomputer.com/news/security/interpol-recovers-over-40-million-stolen-in-a-bec-attack/?ref=metacurity.com

07/08/2024 21:56:01

A global stop-payment mechanism created by INTERPOL successfully recovered over $40 million stolen in a BEC attack on a company in Singapore.

Major Payment Disruption: Ransomware Strikes Indian Banking Infrastructure https://www.cloudsek.com/blog/major-payment-disruption-ransomware-strikes-indian-banking-infrastructure

07/08/2024 10:56:43

CloudSEK's threat research team has uncovered a ransomware attack disrupting India's banking system, targeting banks and payment providers. Initiated through a misconfigured Jenkins server at Brontoo Technology Solutions, the attack is linked to the RansomEXX group.

Critical Vulnerability in Apache OFBiz Requires Immediate Patching - Infosecurity Magazine https://www.infosecurity-magazine.com/news/fla-apache-ofbiz-requires-patching/?ref=metacurity.com

07/08/2024 10:18:18

SonicWall discovered the Apache OFBiz flaw, identifying it as a critical issue enabling unauthenticated remote code execution

CrowdStrike says it isn't to blame for Delta's flight cancellations after July outage https://www.cnbc.com/2024/08/05/crowdstrike-says-it-isnt-to-blame-for-deltas-flight-cancellations-after-outage.html?ref=news.risky.biz

07/08/2024 10:16:57

Delta CEO Ed Bastian said the company plans to seek compensation from Microsoft and CrowdStrike.

Security Incident | August 2024 https://www.mobileguardian.com/security-incident-august-2024/

07/08/2024 09:03:00

Mobile Guardian experienced a security incident that involved unauthorized access to the iOS and ChromeOS devices enrolled to the Mobile Guardian platform on the 4th of August.

We have halted servers in order to prevent further disruption by the perpetrator.

This is not related to an error in configuration that occurred on the 30th of July which affected Mobile Guardian iPads on our Singapore instance only.

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices https://securityaffairs.com/166710/hacking/mobile-guardian-firm-security-breach.html

07/08/2024 08:46:49

Threat actors breached the UK-based mobile device management (MDM) firm Mobile Guardian and remotely wiped thousands of devices.

Exploring Anti-Phishing Measures in Microsoft 365 https://certitude.consulting/blog/en/o365-anti-phishing-measures/

07/08/2024 07:28:47

In this post we will explore some of the anti-phishing measures employed by Microsoft 365 (formally Office 365) as well as their weaknesses. Certitude was able to identify an issue in that allows malicious actors to bypass anti-phishing measures.

Threat Actors Capitalize On ServiceNow Vulnerability https://cyble.com/blog/from-weaponization-to-victimization-fallout-from-the-servicenow-vulnerability/

06/08/2024 09:57:34

Cyble observes how Dark Web forums reveal ServiceNow users falling victim to a Remote Code Execution vulnerability, which exposes sensitive data & escalates risks across sectors.

Ransomware gang targets IT workers with new SharpRhino malware https://www.bleepingcomputer.com/news/security/hunters-international-ransomware-gang-targets-it-workers-with-new-sharprhino-malware/

06/08/2024 09:55:35

The Hunters International ransomware group is targeting IT workers with a new C# remote access trojan (RAT) called SharpRhino to breach corporate networks.

New Hunters International RAT identified by Quorum Cyber https://www.quorumcyber.com/insights/sharprhino-new-hunters-international-rat-identified-by-quorum-cyber/

06/08/2024 09:54:02

During a recent ransomware incident investigated by the Quorum Cyber Incident Response team, novel malware was identified previously unknown.

Liens par page

Filtres